CVE-2021-29978

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-29978
Multiple low security issues were discovered and fixed in a security audit of Mozilla VPN 2.x branch as part of a 3rd party security audit. This vulnerability affects Mozilla VPN < 2.3.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/797 Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/798 Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/799 Exploit Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/800 Exploit Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/801 Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/803 Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/804 Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/805 Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/806 Exploit Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/808 Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/809 Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/810 Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/issues/812 Third Party Advisory
https://github.com/mozilla-mobile/mozilla-vpn-client/pull/816 Patch Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2021-31/ Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilla:mozilla_vpn:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2021-08-05 20:15

Updated : 2024-02-28 18:28

NVD link : CVE-2021-29978

Mitre link : CVE-2021-29978

CVE.ORG link : CVE-2021-29978

JSON object : View

Products Affected

mozilla

  • mozilla_vpn
CWE
NVD-CWE-noinfo

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024