CVE-2023-34658

EPSS 0.07%
Veröffentlicht 29.06.2023 17:15:09
Zuletzt bearbeitet 27.11.2024 15:15:23
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Telegram ≫ Telegram Version9.6.3 SwPlatformiphone_os

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.201

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-1021 Improper Restriction of Rendered UI Layers or Frames

The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with.

https://crsrg.sh/crsrg-2308101/

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/259547

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-34658

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-34658

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-34658

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-34658