{"containers":{"cna":{"affected":[{"product":"Acrobat Reader","vendor":"Adobe","versions":[{"lessThanOrEqual":"2020.013.20074","status":"affected","version":"unspecified","versionType":"custom"},{"lessThanOrEqual":"2020.001.30018","status":"affected","version":"unspecified","versionType":"custom"},{"lessThanOrEqual":"2017.011.30188","status":"affected","version":"unspecified","versionType":"custom"},{"lessThanOrEqual":"None","status":"affected","version":"unspecified","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper access control vulnerability. An unauthenticated attacker could leverage this vulnerability to elevate privileges in the context of the current user."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":8.2,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-284","description":"Improper Access Control (CWE-284)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-02-11T19:42:20.000Z","orgId":"078d4453-3bcd-4900-85e6-15281da43538","shortName":"adobe"},"references":[{"tags":["x_refsource_MISC"],"url":"https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"}],"source":{"discovery":"EXTERNAL"},"title":"Acrobat Reader DC Improper Installer Access Control Vulnerability Could Lead To Privilege Escalation","x_ConverterErrors":{"DATE_PUBLIC":{"error":"v4 DATE_PUBLIC is invalid","message":"('Unknown string format:', 'NoneT23:00:00.000Z')"}},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@adobe.com","DATE_PUBLIC":"NoneT23:00:00.000Z","ID":"CVE-2021-21045","STATE":"PUBLIC","TITLE":"Acrobat Reader DC Improper Installer Access Control Vulnerability Could Lead To Privilege Escalation"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Acrobat Reader","version":{"version_data":[{"version_affected":"<=","version_value":"2020.013.20074"},{"version_affected":"<=","version_value":"2020.001.30018"},{"version_affected":"<=","version_value":"2017.011.30188"},{"version_affected":"<=","version_value":"None"}]}}]},"vendor_name":"Adobe"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper access control vulnerability. An unauthenticated attacker could leverage this vulnerability to elevate privileges in the context of the current user."}]},"impact":{"cvss":{"attackComplexity":"None","attackVector":"None","availabilityImpact":"None","baseScore":8.2,"baseSeverity":"High","confidentialityImpact":"None","integrityImpact":"None","privilegesRequired":"None","scope":"None","userInteraction":"None","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Improper Access Control (CWE-284)"}]}]},"references":{"reference_data":[{"name":"https://helpx.adobe.com/security/products/acrobat/apsb21-09.html","refsource":"MISC","url":"https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"}]},"source":{"discovery":"EXTERNAL"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T18:01:12.607Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"}]},{"affected":[{"vendor":"adobe","product":"acrobat_reader_2017","cpes":["cpe:2.3:a:adobe:acrobat_reader_2017:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"17.0","status":"affected","lessThanOrEqual":"17.011.30188","versionType":"custom"}]},{"vendor":"adobe","product":"acrobat_2017","cpes":["cpe:2.3:a:adobe:acrobat_2017:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"17.0","status":"affected","lessThanOrEqual":"17.011.30188","versionType":"custom"}]},{"vendor":"adobe","product":"acrobat_reader_2020","cpes":["cpe:2.3:a:adobe:acrobat_reader_2020:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"20.0","status":"affected","lessThanOrEqual":"20.001.30018","versionType":"custom"}]},{"vendor":"adobe","product":"acrobat_2020","cpes":["cpe:2.3:a:adobe:acrobat_2020:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"20.0","status":"affected","lessThanOrEqual":"20.001.30018","versionType":"custom"}]},{"vendor":"adobe","product":"acrobat_reader_dc","cpes":["cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"20.013.20074","versionType":"custom"}]},{"vendor":"adobe","product":"acrobat_reader_dc","cpes":["cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"20.013.20074","versionType":"custom"}]},{"vendor":"adobe","product":"acrobat_dc","cpes":["cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"20.013.20074","versionType":"custom"}]},{"vendor":"adobe","product":"acrobat_dc","cpes":["cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"20.013.20074","versionType":"custom"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-08-22T16:30:57.861562Z","id":"CVE-2021-21045","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-08-22T16:39:45.881Z"}}]},"cveMetadata":{"assignerOrgId":"078d4453-3bcd-4900-85e6-15281da43538","assignerShortName":"adobe","cveId":"CVE-2021-21045","dateReserved":"2020-12-18T00:00:00.000Z","dateUpdated":"2024-09-16T21:07:41.363Z","state":"PUBLISHED","datePublished":"2021-02-11T19:42:20.339Z"},"dataType":"CVE_RECORD","dataVersion":"5.1"}