CVE-2022-28869

{"id": "CVE-2022-28869", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Secondary", "source": "cve-notifications-us@f-secure.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 0.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2022-04-15T11:15:07.870", "references": [{"url": "https://www.f-secure.com/en/home/support/security-advisories", "tags": ["Vendor Advisory"], "source": "cve-notifications-us@f-secure.com"}, {"url": "https://www.f-secure.com/en/home/support/security-advisories/cve-2022-28869", "tags": ["Vendor Advisory"], "source": "cve-notifications-us@f-secure.com"}, {"url": "https://www.f-secure.com/en/home/support/security-advisories", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.f-secure.com/en/home/support/security-advisories/cve-2022-28869", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad que afectaba al navegador F-Secure SAFE. Un sitio web dise\u00f1ado de forma maliciosa pod\u00eda realizar un ataque de phishing con suplantaci\u00f3n de la barra de direcciones, ya que el navegador no mostraba la URL completa, como el n\u00famero de puerto"}], "lastModified": "2024-11-21T06:58:06.033", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f-secure:safe:*:*:*:*:*:android:*:*", "vulnerable": true, "matchCriteriaId": "82709386-E1D2-4681-9CC2-26329E97C843", "versionEndIncluding": "18.6"}], "operator": "OR"}]}], "sourceIdentifier": "cve-notifications-us@f-secure.com"}