admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-335xx/CVE-2021-33595.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

139 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-33595",
"sourceIdentifier": "cve-notifications-us@f-secure.com",
"published": "2021-08-11T11:15:09.203",
"lastModified": "2021-08-19T18:45:02.007",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address bar spoofing attack."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad de suplantaci\u00f3n de la barra de direcciones en Safe Browser para iOS. Se muestra la URL leg\u00edtima en la barra de direcciones mientras se carga el contenido de otro dominio. Esto hace creer al usuario que el contenido es servido por un dominio leg\u00edtimo. Un atacante remoto puede aprovechar esto para llevar a cabo un ataque de falsificaci\u00f3n de la barra de direcciones"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
},
{
"source": "cve-notifications-us@f-secure.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.5
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f-secure:safe:*:*:*:*:*:iphone_os:*:*",
"versionEndExcluding": "18.4.272901",
"matchCriteriaId": "0D793BD2-1CBF-492B-823B-F8CB0FF45476"
}
]
}
]
}
],
"references": [
{
"url": "https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame",
"source": "cve-notifications-us@f-secure.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories",
"source": "cve-notifications-us@f-secure.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33595",
"source": "cve-notifications-us@f-secure.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink