CVE-2021-21055 Vulnerability Details

  /     /     /  

CVE-2021-21055 Metadata Quick Info

CVE Published: 11/02/2021 | CVE Updated: 16/09/2024 | CVE Year: 2021
Source: adobe | Vendor: Adobe | Product: Dreamweaver
Status : PUBLISHED

---

CVE-2021-21055 Description

Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure. An attacker with physical access to the system could replace certain configuration files and dynamic libraries that Dreamweaver references, potentially resulting in information disclosure.

Metrics

CVSS Version: 3.1 | Base Score: 6.2 MEDIUM
Vector: CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* PHYSICAL
    Attack Complexity (AC)* HIGH
    Privileges Required (PR)* LOW
    User Interaction (UI)* REQUIRED
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* HIGH
    Integrity Impact (I)* HIGH
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID: CWE-426
CWE Name: Untrusted Search Path (CWE-426)
Source: Adobe

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).