CVE-2021-28559

MEDIUM

Acrobat Reader DC <2021.001.20150 - Info Disclosure

Title source: llm

Description

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Information Exposure vulnerability. An unauthenticated attacker could leverage this vulnerability to get access to restricted data stored within global variables and objects.

References (1)

[Release Notes, Vendor Advisory] https://helpx.adobe.com/security/products/acrobat/apsb21-29.html

Scores

CVSS v3 5.3

EPSS 0.0117

EPSS Percentile 78.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-359

Status published

Products (4)

adobe/acrobat 17.011.30059 - 17.011.30194

adobe/acrobat_dc 15.008.20082 - 21.001.20150

adobe/acrobat_reader 17.011.30059 - 17.011.30194

adobe/acrobat_reader_dc 15.008.20082 - 21.001.20150

Published Sep 02, 2021

Tracked Since Feb 18, 2026