Lucene search

Redhat.comRH:CVE-2024-7523

HistoryAug 07, 2024 - 4:08 p.m.

CVE-2024-7523

2024-08-0716:08:37

redhat.com

access.redhat.com

cve-2024-7523

firefox

android

security prompts

malicious site

permissions

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

39.6%

JSON

A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This issue only affects Android versions of Firefox. This vulnerability affects Firefox < 129.

References

bugzilla.mozilla.org/show_bug.cgi?id=1908344

bugzilla.redhat.com/show_bug.cgi?id=2303140

nvd.nist.gov/vuln/detail/CVE-2024-7523

www.cve.org/CVERecord?id=CVE-2024-7523

www.mozilla.org/security/advisories/mfsa2024-33/

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

39.6%

JSON

Related for RH:CVE-2024-7523