CVE-2024-11701

EPSS 0.19%
Veröffentlicht 26.11.2024 14:15:19
Zuletzt bearbeitet 05.04.2025 00:36:49
Quelle security@mozilla.org
CVE-Watchlists
Login
Unerledigt
Login

The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133 and Thunderbird < 133.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 2 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version < 133.0

Mozilla ≫ Thunderbird Version < 133.0

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.406

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CWE-290 Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

https://www.mozilla.org/security/advisories/mfsa2024-63/

Vendor Advisory

https://www.mozilla.org/security/advisories/mfsa2024-67/

Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=1914797

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2024-11701

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-11701

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-11701

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-11701