CVE-2021-21068 - Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vu

CVE-2021-21068

Summary

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction.

References

https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html

Vulnerable Configurations

cpe:2.3:a:adobe:creative_cloud_desktop_application:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:creative_cloud_desktop_application:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:creative_cloud_desktop_application:2.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:creative_cloud_desktop_application:2.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:creative_cloud_desktop_application:2.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:creative_cloud_desktop_application:2.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:creative_cloud_desktop_application:5.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:creative_cloud_desktop_application:5.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:creative_cloud_desktop_application:5.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:creative_cloud_desktop_application:5.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

CVSS

Base:	4.4 (as of 03-12-2021 - 17:42)
Impact:
Exploitability:

CWE

CWE-379

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:M/Au:N/C:P/I:P/A:P

Last major update

03-12-2021 - 17:42

Published

12-03-2021 - 19:15

Last modified

03-12-2021 - 17:42