← Voltar para CVEs

CVE-2021-33595

LOW

3.5

Descricao

A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address bar spoofing attack.

Detalhes CVE

Pontuacao CVSS v3.13.5

SeveridadeLOW

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosLOW

Interacao do usuarioREQUIRED

Publicado8/11/2021

Ultima modificacao11/21/2024

Fontenvd

Avistamentos honeypot0

Produtos afetados

f-secure:safe

Referencias

https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame(cve-notifications-us@f-secure.com)

https://www.f-secure.com/en/business/support-and-downloads/security-advisories(cve-notifications-us@f-secure.com)

https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33595(cve-notifications-us@f-secure.com)

https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame(af854a3a-2127-422b-91ae-364da2661108)

https://www.f-secure.com/en/business/support-and-downloads/security-advisories(af854a3a-2127-422b-91ae-364da2661108)

https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33595(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.