Adobe Dreamweaver Untrusted Search Path Information Disclosure Vulnerability
CVE-2021-21055 Published on February 11, 2021
Adobe Dreamweaver Untrusted Search Path Vulnerability Could Lead To Information Disclosure
Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure. An attacker with physical access to the system could replace certain configuration files and dynamic libraries that Dreamweaver references, potentially resulting in information disclosure.
Vulnerability Analysis
CVE-2021-21055 can be exploited with physical access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is an Untrusted Path Vulnerability?
The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.
CVE-2021-21055 has been classified to as an Untrusted Path vulnerability or weakness.
Products Associated with CVE-2021-21055
Want to know whenever a new CVE is published for Adobe Dreamweaver? stack.watch will email you.
Affected Versions
Adobe Dreamweaver:- Version unspecified, <= 21.0 is affected.
- Version unspecified, <= 20.2 is affected.
- Version unspecified, <= None is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.