CVE-2021-33595

EPSS 0.3%
Veröffentlicht 11.08.2021 11:15:09
Zuletzt bearbeitet 21.11.2024 06:09:09
Quelle cve-notifications-us@f-secure.
CVE-Watchlists
Login
Unerledigt
Login

F-Secure Safe browser for iOS vulnerable to Address Bar Spoofing

A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address bar spoofing attack.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 0 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

F-secure ≫ Safe SwPlatformiphone_os Version < 18.4.272901

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.3%	0.531

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.5	2.1	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
nvd@nist.gov	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:N/I:P/A:N
cve-notifications-us@f-secure.com	3.5	2.1	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame

Vendor Advisory

https://www.f-secure.com/en/business/support-and-downloads/security-advisories

Vendor Advisory

https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33595

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-33595

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-33595

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-33595

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2021-33595