CVE-2021-43017

medium

Description

Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the victim's local machine. User interaction is required before product installation to abuse this vulnerability.

References

https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.html

Details

Source: MITRE

Published: 2021-11-18

Updated: 2022-02-02

Type: CWE-379

Risk Information

CVSS v2

Base Score: 3.5

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 6.8

Severity: LOW

CVSS v3

Base Score: 4.2

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 0.6

Severity: MEDIUM