CVE-2020-26975

When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84.

CVSS v3 6.5 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1661071	Permissions Required
https://www.mozilla.org/security/advisories/mfsa2020-54/	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:android:*:*

History

No history.

Information

Published : 2021-01-07 14:15

Updated : 2024-02-28 18:08

NVD link : CVE-2020-26975

Mitre link : CVE-2020-26975

CVE.ORG link : CVE-2020-26975

JSON object : View

Products Affected

mozilla

firefox

CWE

NVD-CWE-noinfo

{"id": "CVE-2020-26975", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2021-01-07T14:15:12.110", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1661071", "tags": ["Permissions Required"], "source": "security@mozilla.org"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2020-54/", "tags": ["Vendor Advisory"], "source": "security@mozilla.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84."}, {"lang": "es", "value": "Cuando una aplicaci\u00f3n maliciosa instalada en el dispositivo del usuario transmiti\u00f3 un Intent a Firefox para Android, se podr\u00edan haber especificado encabezados arbitrarios, conllevando a ataques como abuso de autoridad ambiental o fijaci\u00f3n de sesiones. Esto se resolvi\u00f3 permitiendo solo determinados encabezados en la lista segura. *Nota: este problema solo afect\u00f3 a Firefox para Android. Otros sistemas operativos no est\u00e1n afectados.*. Esta vulnerabilidad afecta a Firefox versiones anteriores a 84"}], "lastModified": "2021-01-12T15:38:51.433", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:android:*:*", "vulnerable": true, "matchCriteriaId": "D160CE1C-3031-40AC-8A39-555253A77BCA", "versionEndExcluding": "84.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@mozilla.org"}