CVE-2021-28613

Adobe Creative Cloud Desktop Application version 5.4 (and earlier) is affected by a file handling vulnerability that could allow an attacker to arbitrarily overwrite a file. Exploitation of this issue requires local access, administrator privileges and user interaction.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:adobe:creative_cloud_desktop_application:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

History

04 Feb 2022, 16:14

Type Values Removed Values Added
References (MISC) https://helpx.adobe.com/security/products/creative-cloud/apsb21-76.html - Vendor Advisory (MISC) https://helpx.adobe.com/security/products/creative-cloud/apsb21-76.html - Patch, Vendor Advisory

05 Oct 2021, 18:42

Type Values Removed Values Added
References (MISC) https://helpx.adobe.com/security/products/creative-cloud/apsb21-76.html - (MISC) https://helpx.adobe.com/security/products/creative-cloud/apsb21-76.html - Vendor Advisory
CPE cpe:2.3:a:adobe:creative_cloud_desktop_application:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 7.7
v2 : 3.3
v3 : 7.4

27 Sep 2021, 17:01

Type Values Removed Values Added
New CVE

Information

Published : 2021-09-27 16:15

Updated : 2022-02-04 16:14


NVD link : CVE-2021-28613

Mitre link : CVE-2021-28613


JSON object : View

Products Affected

apple

  • macos

adobe

  • creative_cloud_desktop_application
CWE
CWE-379

Creation of Temporary File in Directory with Insecure Permissions