How severe is CVE-2021-44714?

This vulnerability has a severity rating of LOW with a CVSS score of 3.3 out of 10.

What type of vulnerability is CVE-2021-44714?

This is classified as CWE-657, which is a common weakness in software security.

CVE-2021-44714 - LOW Severity | CVSS 3.3

Vulnerability Description

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which could be used by an attacker to mislead the user. In affected versions, this warning message does not include custom protocols when used by the sender. User interaction is required to abuse this vulnerability as they would need to click 'allow' on the warning message of a malicious file.

Related Vulnerabilities

CVE-2021-28583

MEDIUM

CVSS:4.2(Medium)

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Successful ex...

CWE-6572021

CVE-2019-15611

MEDIUM

CVSS:4.9(Medium)

Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifica...

CWE-6572019

CVE-2019-0061

HIGH

CVSS:7.8(High)

The management daemon (MGD) is responsible for all configuration and management operations in Junos OS. The Junos CLI communicates with MGD over an internal unix-domain socket and is granted special p...

CWE-6572019

CVE-2023-29320

HIGH

CVSS:7.8(High)

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Violation of Secure Design Principles vulnerability that could result in arbitrary code execu...

CWE-6572023

CVE-2023-52714

HIGH

CVSS:7.5(High)

Vulnerability of defects introduced in the design process in the hwnff module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CWE-6572023

CVE-2024-57957

HIGH

CVSS:7.5(High)

Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CWE-6572024