Overview
- Description
- Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine.
- Source
- psirt@adobe.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Secondary
- Base score
- 7.3
- Impact score
- 5.9
- Exploitability score
- 1.3
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.4
- Impact score
- 6.4
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- psirt@adobe.com
- CWE-427
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:creative_cloud:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D151373D-898C-4161-A4AF-051FDE9A2621",
"versionEndIncluding": "5.3"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]