Vulnerability Description
Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges could leverage this vulnerability to achieve denial of service by planting a malicious file on the victim's local machine. User interaction is required before product installation to abuse this vulnerability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Creative Cloud Desktop Application | <= 5.5 |
| Apple | Macos | - |
Related Weaknesses (CWE)
References
- https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.htmlPatchVendor Advisory
- https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.htmlPatchVendor Advisory
FAQ
What is CVE-2021-43017?
CVE-2021-43017 is a vulnerability with a CVSS score of 4.2 (MEDIUM). Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer. An authenticated attacker with root privileges co...
How severe is CVE-2021-43017?
CVE-2021-43017 has been rated MEDIUM with a CVSS base score of 4.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-43017?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Creative Cloud Desktop Application, Apple Macos.