{"containers": {"cna": {"affected": [{"product": "Captivate", "vendor": "Adobe", "versions": [{"status": "affected", "version": "11.5.1.499 and earlier"}]}], "datePublic": "2021-01-12T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write to the file system could leverage this vulnerability to escalate privileges."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-427", "description": "Uncontrolled Search Path Element (CWE-427)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-01-13T22:40:01.000Z", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://helpx.adobe.com/security/products/captivate/apsb21-06.html"}], "source": {"discovery": "EXTERNAL"}, "title": "Uncontrolled Search Path Element in Adobe Captivate 2019", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "DATE_PUBLIC": "2021-01-12T23:00:00.000Z", "ID": "CVE-2021-21011", "STATE": "PUBLIC", "TITLE": "Uncontrolled Search Path Element in Adobe Captivate 2019"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Captivate", "version": {"version_data": [{"version_value": "11.5.1.499 and earlier"}]}}]}, "vendor_name": "Adobe"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write to the file system could leverage this vulnerability to escalate privileges."}]}, "impact": {"cvss": {"attackComplexity": "High", "attackVector": "Local", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "userInteraction": "Required", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Uncontrolled Search Path Element (CWE-427)"}]}]}, "references": {"reference_data": [{"name": "https://helpx.adobe.com/security/products/captivate/apsb21-06.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/captivate/apsb21-06.html"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T17:53:23.087Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://helpx.adobe.com/security/products/captivate/apsb21-06.html"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-23T13:20:30.318293Z", "id": "CVE-2021-21011", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-23T19:47:19.884Z"}}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2021-21011", "datePublished": "2021-01-13T22:40:01.701Z", "dateReserved": "2020-12-18T00:00:00.000Z", "dateUpdated": "2025-04-23T19:47:19.884Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://helpx.adobe.com/security/products/captivate/apsb21-06.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T17:53:23.087Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-21011", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-04-23T13:20:30.318293Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-23T13:20:31.989Z"}}], "cna": {"title": "Uncontrolled Search Path Element in Adobe Captivate 2019", "source": {"discovery": "EXTERNAL"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Adobe", "product": "Captivate", "versions": [{"status": "affected", "version": "11.5.1.499 and earlier"}]}], "datePublic": "2021-01-12T00:00:00.000Z", "references": [{"url": "https://helpx.adobe.com/security/products/captivate/apsb21-06.html", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write to the file system could leverage this vulnerability to escalate privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-427", "description": "Uncontrolled Search Path Element (CWE-427)"}]}], "providerMetadata": {"orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe", "dateUpdated": "2021-01-13T22:40:01.000Z"}, "x_legacyV4Record": {"impact": {"cvss": {"scope": "Unchanged", "version": "3.1", "baseScore": 7.8, "attackVector": "Local", "baseSeverity": "High", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "High", "userInteraction": "Required", "attackComplexity": "High", "availabilityImpact": "High", "privilegesRequired": "None", "confidentialityImpact": "High"}}, "source": {"discovery": "EXTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "11.5.1.499 and earlier"}]}, "product_name": "Captivate"}]}, "vendor_name": "Adobe"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://helpx.adobe.com/security/products/captivate/apsb21-06.html", "name": "https://helpx.adobe.com/security/products/captivate/apsb21-06.html", "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write to the file system could leverage this vulnerability to escalate privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Uncontrolled Search Path Element (CWE-427)"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-21011", "STATE": "PUBLIC", "TITLE": "Uncontrolled Search Path Element in Adobe Captivate 2019", "ASSIGNER": "psirt@adobe.com", "DATE_PUBLIC": "2021-01-12T23:00:00.000Z"}}}}, "cveMetadata": {"cveId": "CVE-2021-21011", "state": "PUBLISHED", "dateUpdated": "2025-04-23T19:47:19.884Z", "dateReserved": "2020-12-18T00:00:00.000Z", "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "datePublished": "2021-01-13T22:40:01.701Z", "assignerShortName": "adobe"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:captivate:*:*:*:*:*:*:*:*", "matchCriteriaId": "60FE4F6A-85A8-4BE1-9725-957DE2AC67E9", "versionEndIncluding": "11.5.1.499", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write to the file system could leverage this vulnerability to escalate privileges."}, {"lang": "es", "value": "Adobe Captivate 2019 versiones 11.5.1.499 (y anteriores) est\u00e1 afectado por una vulnerabilidad de elemento de ruta de b\u00fasqueda no controlada que podr\u00eda conllevar a una escalada de privilegios. Un atacante con permisos para escribir en el sistema de archivos podr\u00eda aprovechar esta vulnerabilidad para escalar los privilegios"}], "id": "CVE-2021-21011", "lastModified": "2024-11-21T05:47:23.970", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "psirt@adobe.com", "type": "Secondary"}]}, "published": "2021-01-13T23:15:14.337", "references": [{"source": "psirt@adobe.com", "tags": ["Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/captivate/apsb21-06.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/captivate/apsb21-06.html"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "psirt@adobe.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-427"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}