CVE-2021-33595

EPSS 0.3%
Veröffentlicht 11.08.2021 11:15:09
Zuletzt bearbeitet 21.11.2024 06:09:09
Quelle cve-notifications-us@f-secure.
CVE-Watchlists
Login
Unerledigt
Login

A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address bar spoofing attack.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

F-secure ≫ Safe SwPlatformiphone_os Version < 18.4.272901

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.3%	0.531

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.5	2.1	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
nvd@nist.gov	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:N/I:P/A:N
cve-notifications-us@f-secure.com	3.5	2.1	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame

Vendor Advisory

https://www.f-secure.com/en/business/support-and-downloads/security-advisories

Vendor Advisory

https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33595

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-33595

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-33595

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-33595

EUVD