Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_GOOGLE_CHROME_87_0_4280_141.NASLHistoryJan 06, 2021 - 12:00 a.m.
Google Chrome < 87.0.4280.141 Multiple Vulnerabilities
2021-01-0600:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
34
9.3 High
AI Score
Confidence
High
The version of Google Chrome installed on the remote macOS host is prior to 87.0.4280.141. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_01_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
##
# (C) Tenable Network Security, Inc.
##
include('compat.inc');
if (description)
{
script_id(144782);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/30");
script_cve_id(
"CVE-2020-15995",
"CVE-2020-16043",
"CVE-2021-21106",
"CVE-2021-21107",
"CVE-2021-21108",
"CVE-2021-21109",
"CVE-2021-21110",
"CVE-2021-21111",
"CVE-2021-21112",
"CVE-2021-21113",
"CVE-2021-21114",
"CVE-2021-21115",
"CVE-2021-21116"
);
script_xref(name:"IAVA", value:"2021-A-0006-S");
script_name(english:"Google Chrome < 87.0.4280.141 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Google Chrome installed on the remote macOS host is prior to 87.0.4280.141. It is, therefore, affected by
multiple vulnerabilities as referenced in the 2021_01_stable-channel-update-for-desktop advisory. Note that Nessus has
not tested for this issue but has instead relied only on the application's self-reported version number.");
# https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c62eaf91");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1148749");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1153595");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1155426");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1152334");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1152451");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1149125");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1151298");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1155178");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1148309");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1150065");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1157790");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1157814");
script_set_attribute(attribute:"see_also", value:"https://crbug.com/1151069");
script_set_attribute(attribute:"solution", value:
"Upgrade to Google Chrome version 87.0.4280.141 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-21106");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-21115");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/11/03");
script_set_attribute(attribute:"patch_publication_date", value:"2021/01/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/01/06");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:google:chrome");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MacOS X Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("macosx_google_chrome_installed.nbin");
script_require_keys("MacOSX/Google Chrome/Installed");
exit(0);
}
include('google_chrome_version.inc');
get_kb_item_or_exit('MacOSX/Google Chrome/Installed');
google_chrome_check_version(fix:'87.0.4280.141', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15995
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16043
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21106
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21107
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21110
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21112
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21115
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21116
www.nessus.org/u?c62eaf91
crbug.com/1148309
crbug.com/1148749
crbug.com/1149125
crbug.com/1150065
crbug.com/1151069
crbug.com/1151298
crbug.com/1152334
crbug.com/1152451
crbug.com/1153595
crbug.com/1155178
crbug.com/1155426
crbug.com/1157790
crbug.com/1157814
Related
osv
osv
chromium - security update
2021-01-16 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2021-01-06 00:00:00
Chrome for Android Update
2020-10-13 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2021-01-06 00:00:00
openvas
openvas
Fedora: Security Advisory for chromium (FEDORA-2021-79926272ce)
2021-01-17 00:00:00
openSUSE: Security Advisory for chromium (openSUSE-SU-2021:0040-1)
2021-04-16 00:00:00
Fedora: Security Advisory for chromium (FEDORA-2021-d9faeff8eb)
2021-01-23 00:00:00
nessus
nessus
Fedora 33 : chromium (2021-79926272ce)
2021-01-20 00:00:00
Debian DSA-4832-1 : chromium - security update
2021-01-20 00:00:00
openSUSE Security Update : chromium (openSUSE-2021-40)
2021-01-25 00:00:00
suse
suse
Security update for chromium (important)
2021-01-10 00:00:00
Security update for chromium (important)
2021-01-11 00:00:00
Security update for opera (moderate)
2021-01-22 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: chromium-87.0.4280.141-1.fc33
2021-01-17 01:51:52
[SECURITY] Fedora 32 Update: chromium-87.0.4280.141-1.fc32
2021-01-23 01:30:25
debian
debian
[SECURITY] [DSA 4832-1] chromium security update
2021-01-16 14:06:35
[SECURITY] [DSA 4832-1] chromium security update
2021-01-16 14:06:35
kaspersky
kaspersky
KLA12035 Multiple vulnerabilities in Google Chrome
2021-01-06 00:00:00
KLA12046 Multiple vulnerabilities in Opera
2021-01-14 00:00:00
archlinux
archlinux
[ASA-202101-20] vivaldi: multiple issues
2021-01-12 00:00:00
[ASA-202101-6] chromium: multiple issues
2021-01-08 00:00:00
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2021-01-10 00:00:00
threatpost
threatpost
Bugs in Firefox, Chrome, Edge Allow Remote System Hijacking
2021-01-08 06:00:28
Google Chrome Zero-Day Afflicts Windows, Mac Users
2021-02-05 15:47:55
prion
prion
ubuntucve
ubuntucve
debiancve
debiancve
cve
cve
veracode
veracode
Sandbox Restrictions Bypass
2021-01-11 20:09:08
Sandbox Restrictions Bypass
2021-01-11 20:09:25
Use After Free
2021-01-11 20:09:09
redhatcve
redhatcve
CVE-2021-21113
2022-05-21 00:14:19
thn
thn
New Attack Could Let Remote Hackers Target Devices On Internal Networks
2021-01-27 12:58:00
mscve
mscve
Chromium Security Updates for Microsoft Edge (Chromium-Based)
2020-01-28 08:00:00