CVE-2021-21055
First published: Thu Feb 11 2021(Updated: )
Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure. An attacker with physical access to the system could replace certain configuration files and dynamic libraries that Dreamweaver references, potentially resulting in information disclosure.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Dreamweaver | <=20.2 | |
| Adobe Dreamweaver | =21.0 | |
| Apple macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-21055?
CVE-2021-21055 is a vulnerability in Adobe Dreamweaver versions 21.0 and earlier, and 20.2 and earlier, that allows an attacker with physical access to replace certain configuration files and dynamic libraries, resulting in information disclosure.
How severe is CVE-2021-21055?
CVE-2021-21055 has a severity rating of 6.2 (medium).
Which software versions are affected by CVE-2021-21055?
Adobe Dreamweaver versions 21.0 and earlier, and 20.2 and earlier, are affected by CVE-2021-21055.
How can an attacker exploit CVE-2021-21055?
An attacker with physical access to the system can exploit CVE-2021-21055 by replacing certain configuration files and dynamic libraries that Dreamweaver references.
Where can I find more information about CVE-2021-21055?
You can find more information about CVE-2021-21055 on the Adobe website at [https://helpx.adobe.com/security/products/dreamweaver/apsb21-13.html](https://helpx.adobe.com/security/products/dreamweaver/apsb21-13.html).
- collector/nvd-index
- vendor/adobe
- canonical/adobe dreamweaver
- version/adobe dreamweaver/20.2
- version/adobe dreamweaver/21.0
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows