CVE-2026-47938: Adobe Campaign Classic (ACC) | Server-Side Request Forgery (SSRF) (CWE-918)
Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in privilege escalation. Exploitation of this issue does not require user interaction. Scope is changed.
Metrics
- CVSS v3.1: 10.0
- Severity: CRITICAL
- Fixed in: —
- Affected Products: 1
HarborGuard Analysis
Synopsis
A server-side request forgery (SSRF) vulnerability affects Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier. The flaw is reachable over the network with no authentication and no user interaction required, and the CVSS scope is changed, meaning a successful attacker can pivot from the affected application to backend systems and infrastructure not normally accessible. Successful exploitation gives an attacker full confidentiality, integrity, and availability impact across the changed scope, including privilege escalation. No fix version has been published yet; HarborGuard tracks the advisory and will make a patched-image rebuild available the moment an upstream fix is released.
HarborGuard Coverage
Detection is available across every HarborGuard environment: CVE-2026-47938 is ingested from upstream advisory feeds within minutes of publication and matched against all customer images in registries and active pipelines, including custom-built images that bundle ACC or its dependencies.
Available
Triage capability is available with the full CVSS v3.1 score of 10.0 (Critical), weighted further against each customer organization's per-environment compliance policies, and routed to the appropriate team inbox inside each customer org based on configured ownership rules.
Available
Because no upstream fix has been published, HarborGuard re-checks the ACC advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment Adobe releases a corrected build. For customers with auto-remediation enabled, a rebuild, regression run, and PR against affected workloads will be initiated without manual intervention as soon as the fix version becomes available.
Pending upstream
Exploit Conditions
- Network reachability: Required
  The vulnerability is exposed over the network; an attacker must be able to reach the ACC service via standard network connectivity to exploit it.
- Authentication: Not required
  No credentials or prior account access are needed; the attacker can send a malicious request as an unauthenticated user.
- Victim interaction: Not required
  Exploitation is fully server-side and requires no action from any user or administrator.
- Attack complexity: Detail
  Attack complexity is low, meaning the exploit is reliable and repeatable with no race conditions or special environmental configuration required.
Blast Radius
- An attacker can force the ACC server to issue arbitrary HTTP or internal-protocol requests to backend systems, cloud metadata endpoints, and other internal services not exposed to the public network.
- Full confidentiality impact allows the attacker to read sensitive data accessible from the server's network position, including stored credentials, session tokens, and internal API responses.
- Full integrity impact means the attacker can modify data or configurations on reachable internal systems through the forged requests.
- Full availability impact means the attacker can crash or degrade the ACC service and any backend systems reachable through the forged request path.
How HarborGuard Handles This
Available on HarborGuard: because Adobe has not yet published a fix for CVE-2026-47938, HarborGuard continuously monitors the upstream advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment Adobe ships a corrected version of ACC. For customers with auto-remediation enabled, the rebuild, regression test run, and PR against affected workloads will be triggered without any manual step. In the interim, compensating controls available through HarborGuard policy include network-policy isolation to restrict outbound connections from ACC containers to explicitly allowlisted destinations, egress filtering to block requests to cloud metadata endpoints and internal subnets, and flagging any image containing ACC builds at or below 7.4.3 build 9394 as non-compliant for deployment to production environments. Given the Critical CVSS score of 10.0 and the absence of any authentication or interaction barrier, treating this as a priority remediation candidate is warranted until Adobe publishes an upstream fix.
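The interim controls named above (default-deny egress with an explicit allowlist, plus blocks on cloud metadata endpoints and internal subnets) can be modelled as a single decision function. This is an added example, not HarborGuard's or Adobe's code; the allowlist entries, sample flows, and function names are constructed assumptions.

```python
import ipaddress

# Metadata endpoints are denied unconditionally, before the allowlist is read,
# so a broad allowlist entry cannot re-open them.
METADATA = ("169.254.169.254/32", "fd00:ec2::254/128")
# Internal, loopback and link-local ranges: denied unless a specific
# (network, port) pair is allowlisted.
INTERNAL = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
            "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")

# Constructed allowlist (assumption): destinations the ACC container needs.
ALLOWLIST = (
    ("10.20.0.15/32", 5432),   # hypothetical campaign database
    ("203.0.113.0/28", 443),   # hypothetical external delivery API
)

def _in_any(addr, cidrs):
    # Address/network version mismatches simply evaluate to False.
    return any(addr in ipaddress.ip_network(c) for c in cidrs)

def egress_decision(dest, port, allowlist=ALLOWLIST):
    """Return (verdict, reason) for one outbound connection attempt."""
    addr = ipaddress.ip_address(dest)
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so it cannot bypass IPv4 rules.
    addr = getattr(addr, "ipv4_mapped", None) or addr
    if _in_any(addr, METADATA):
        return ("deny", "cloud-metadata")
    if any(port == p and _in_any(addr, (cidr,)) for cidr, p in allowlist):
        return ("allow", "allowlisted")
    if _in_any(addr, INTERNAL):
        return ("deny", "internal-subnet")
    return ("deny", "not-allowlisted")

# Constructed sample flows from an ACC container (not real traffic).
SAMPLE_FLOWS = [
    ("10.20.0.15", 5432), ("10.20.0.15", 6379), ("169.254.169.254", 80),
    ("::ffff:169.254.169.254", 80), ("203.0.113.7", 443), ("198.51.100.9", 443),
]

def review(flows, allowlist=ALLOWLIST):
    """Evaluate flows; denied metadata/internal attempts are SSRF indicators."""
    return [(d, p) + egress_decision(d, p, allowlist) for d, p in flows]

if __name__ == "__main__":
    for row in review(SAMPLE_FLOWS):
        print(row)
```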
- Adobe / Adobe Campaign Classic (ACC) ≤ 7.4.3 build 9394
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H