nvd-json-data-feeds/CVE-2021/CVE-2021-437xx/CVE-2021-43754.json

{
  "id": "CVE-2021-43754",
  "sourceIdentifier": "psirt@adobe.com",
  "published": "2022-06-15T19:15:10.207",
  "lastModified": "2022-06-24T18:59:34.423",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Adobe Prelude version 22.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability."
    },
    {
      "lang": "es",
      "value": "Adobe Prelude versi\u00f3n 22.1.1 (y anteriores) est\u00e1 afectada por una vulnerabilidad de corrupci\u00f3n de memoria debido a un manejo no segura de un archivo malicioso, resultando potencialmente en una ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Es requerida la interacci\u00f3n del usuario para explotar esta vulnerabilidad"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "psirt@adobe.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ]
    },
    {
      "source": "psirt@adobe.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:adobe:prelude:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "22.1.1",
              "matchCriteriaId": "39887E20-A188-44D9-91E7-2E1EBF00063E"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://helpx.adobe.com/security/products/prelude/apsb21-114.html",
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}