CVE Vulnerability

CVE-2021-43017

Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the victim's local machine. User interaction is required before product installation to abuse this vulnerability.

3.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 6.8 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

Scope

4.2 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.6 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.html Patch Vendor Advisory
Configurations

Configuration 1
Information

Published : 2021-11-18 07:15

Updated : 2022-02-02 01:05

NVD link : CVE-2021-43017

Mitre link : CVE-2021-43017

Products Affected
No products.
CWE
CWE-379

Creation of Temporary File in Directory with Insecure Permissions