CVE-2021-43017

Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the victim's local machine. User interaction is required before product installation to abuse this vulnerability.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:adobe:creative_cloud_desktop_application:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:28

Type Values Removed Values Added
References () https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.html - Patch, Vendor Advisory () https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.html - Patch, Vendor Advisory

Information

Published : 2021-11-18 19:15

Updated : 2024-11-21 06:28


NVD link : CVE-2021-43017

Mitre link : CVE-2021-43017

CVE.ORG link : CVE-2021-43017


JSON object : View

Products Affected

adobe

  • creative_cloud_desktop_application

apple

  • macos
CWE
CWE-379

Creation of Temporary File in Directory with Insecure Permissions

NVD-CWE-Other