nvd-json-data-feeds/CVE-2020/CVE-2020-99xx/CVE-2020-9987.json

{
  "id": "CVE-2020-9987",
  "sourceIdentifier": "product-security@apple.com",
  "published": "2020-12-08T20:15:17.840",
  "lastModified": "2020-12-09T21:08:22.733",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 14.0. Visiting a malicious website may lead to address bar spoofing."
    },
    {
      "lang": "es",
      "value": "Se abord\u00f3 un problema de inconsistencia de la interfaz de usuario con una administraci\u00f3n de estado mejorada. Este problema se corrigi\u00f3 en Safari versi\u00f3n 14.0. Al visitar un sitio web malicioso puede conllevar a una suplantaci\u00f3n de una barra de direcciones"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.3
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-1021"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "14.0",
              "matchCriteriaId": "8DE1F811-8D4C-4C36-82DB-FE761C07FD0B"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://support.apple.com/en-us/HT211845",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}