admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-286xx/CVE-2021-28637.json
cad-safe-bot 5fc0b01395 Auto-Update: 2024-12-15T03:00:19.262894+00:00
2024-12-15 03:03:56 +00:00

171 lines
6.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-28637",
"sourceIdentifier": "psirt@adobe.com",
"published": "2021-08-20T19:15:09.317",
"lastModified": "2024-11-21T05:59:59.903",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an out-of-bounds read vulnerability. An unauthenticated attacker could leverage this vulnerability achieve arbitrary read / write system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Acrobat Reader DC versiones 2021.005.20054 (y anteriores), 2020.004.30005 (y anteriores), y 2017.011.30197 (y anteriores), est\u00e1n afectadas por una vulnerabilidad de lectura fuera de l\u00edmites. Un atacante no autenticado podr\u00eda aprovechar esta vulnerabilidad para lograr una lectura/escritura arbitraria de informaci\u00f3n del sistema en el contexto del usuario actual. Una explotaci\u00f3n de este problema requiere una interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:N",
"baseScore": 8.8,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "NONE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 9.2,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "15.008.20082",
"versionEndIncluding": "21.005.20054",
"matchCriteriaId": "4A62CC78-7097-4825-8B08-2212B11E1F18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.011.30197",
"matchCriteriaId": "7FDBB717-4658-426A-A98A-DA88EC0515B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "20.001.30005",
"versionEndIncluding": "20.004.30005",
"matchCriteriaId": "08E31636-C406-4C4B-8F1D-E9DFD5572FF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "15.008.20082",
"versionEndIncluding": "21.005.20054",
"matchCriteriaId": "1EC1FC1B-592F-4635-A71C-1DCFAD3063DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.011.30197",
"matchCriteriaId": "D92E01B2-E4D3-414F-8852-294499AE4226"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "20.001.30005",
"versionEndIncluding": "20.004.30005",
"matchCriteriaId": "B78681E4-7FA9-4D05-9A5B-1B19097B5C41"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"source": "psirt@adobe.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink