Adobe Security Bulletin

Security updates available for Adobe Campaign Standard | APSB21-52 

Bulletin ID

Date Published

Priority

APSB21-52

October 12, 2021

2

Summary

Adobe has released security updates for Adobe Campaign Standard. These updates address a critical cross-site scripting vulnerability that could result in arbitrary code execution.  

Affected versions

Product Affected version Platform
Adobe Campaign Standard
Release 21.2.1 and earlier versions Windows, Linux

Solution

Adobe categorizes these updates with the following priority rating and recommends users update their installation to the newest version:

Product Updated version Platform Priority rating Availability
Adobe Campaign Standard
21.3 Windows and Linux 2

Release Notes

Vulnerability Details

Vulnerability Category

Vulnerability Impact

Severity

CVE Number

Cross-site Scripting (DOM-based XSS) (CWE-79) 

Arbitrary code execution 

Critical

CVE-2021-40744

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

Arbitrary file system read
 

Important

CVE-2021-40745

Revisions

October 14, 2021: Updated the solution version to 21.3.

October 28, 2021: Added details for CVE-2021-40745.

 Adobe

Get help faster and easier

New user?

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX 2024

Adobe MAX
The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online