CVE-2021-23969
Mozilla: Content Security Policy violation report could have contained the destination of a redirect
Severity Score: -
Exploit Likelihood: -
Affected Versions: Firefox < 86, Firefox ESR < 78.8, Thunderbird < 78.8
Public Exploits: 0
Exploited in Wild: -
Decision: -
Descriptions
As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage." Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.
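The following is an added illustration written for this record; it is not Firefox or Mozilla code and not part of the advisory. It models the spec rule quoted above for the "source-file" field of a CSP violation report (use the pre-redirect URL, otherwise strip to an origin) next to the pre-fix behaviour described for this CVE (report the redirect destination), and includes the check a report collector could apply. The hostnames, the token value and the report fields are constructed sample data.

```javascript
// Added illustration for CVE-2021-23969; a model written for this page, not
// Firefox or Mozilla code. Requires Node.js (global URL class).

// Constructed sample, not captured traffic. The page at documentUrl requested
// a script that was redirected to a URL carrying a secret in its query string.
const SAMPLE = {
  documentUrl: "https://site.example/page",
  requestedUrl: "https://cdn.example/app.js",
  finalUrl: "https://auth.example/callback?code=s3cr3t-token",
  violatedDirective: "script-src",
};

// Reduce a URL to its origin. For schemes with an opaque origin (data:, blob:)
// the URL API returns the string "null", which leaks nothing.
function stripToOrigin(url) {
  return new URL(url).origin;
}

// Pre-fix behaviour described in the advisory: under certain redirects the
// source file was set to the redirect destination, path and query included.
function sourceFileVulnerable(req) {
  return req.finalUrl;
}

// Spec-conformant behaviour: use the URL the page requested (pre-redirect);
// when only the post-redirect URL is available, strip it to an origin, which
// is what the fix does for the affected case.
function sourceFileFixed(req, preRedirectKnown = true) {
  if (preRedirectKnown && req.requestedUrl) {
    return req.requestedUrl;
  }
  return stripToOrigin(req.finalUrl);
}

// Shape of the JSON body a browser posts to the report-uri endpoint
// (subset of fields).
function buildReport(req, sourceFile) {
  return {
    "csp-report": {
      "document-uri": req.documentUrl,
      "violated-directive": req.violatedDirective,
      "blocked-uri": req.requestedUrl,
      "source-file": sourceFile,
    },
  };
}

// Check a collector could apply: the source-file is acceptable only if it is
// the URL the page itself requested or nothing more than an origin.
function sourceFileIsSafe(req, report) {
  const sf = report["csp-report"]["source-file"];
  return sf === req.requestedUrl || sf === stripToOrigin(sf);
}

// Stand-alone run: contrast the two behaviours on the sample.
const vulnerable = buildReport(SAMPLE, sourceFileVulnerable(SAMPLE));
const fixed = buildReport(SAMPLE, sourceFileFixed(SAMPLE, false));
console.log("vulnerable source-file:", vulnerable["csp-report"]["source-file"],
            "safe:", sourceFileIsSafe(SAMPLE, vulnerable));
console.log("fixed source-file:     ", fixed["csp-report"]["source-file"],
            "safe:", sourceFileIsSafe(SAMPLE, fixed));
```

The practical point: violation reports are posted to whatever endpoint the report-uri or report-to directive names, which is often a third-party collector, so any path or query component of a redirect target that reaches the report (an OAuth code, a reset token, a signed URL) leaves the user's browser for a party the redirecting site never intended. That is why the spec reduces an unavailable pre-redirect URL to a bare origin, and why this record is classed under CWE-200.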
CVSS Scores: -
SSVC Decision: -
Timeline
- 2021-01-13 CVE Reserved
- 2021-02-25 CVE Published
- 2024-07-16 EPSS Updated
- 2024-08-03 CVE Updated
- Exploited in Wild: -
- KEV Due Date: -
- First Exploit: -
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
References (9)
URL | Tag | Date
---|---|---
https://lists.debian.org/debian-lts-announce/2021/03/msg00000.html | Mailing List | -
https://security.gentoo.org/glsa/202104-09 | - | 2022-05-27
https://security.gentoo.org/glsa/202104-10 | - | 2022-05-27
https://www.debian.org/security/2021/dsa-4866 | - | 2022-05-27
https://www.mozilla.org/security/advisories/mfsa2021-07 | - | 2022-05-27
https://www.mozilla.org/security/advisories/mfsa2021-08 | - | 2022-05-27
https://www.mozilla.org/security/advisories/mfsa2021-09 | - | 2022-05-27
https://access.redhat.com/security/cve/CVE-2021-23969 | - | 2021-02-24
https://bugzilla.redhat.com/show_bug.cgi?id=1932109 | - | 2021-02-24
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Mozilla | Firefox | < 86.0 | - | Affected
Mozilla | Firefox ESR | < 78.8 | - | Affected
Mozilla | Thunderbird | < 78.8 | - | Affected
Debian | Debian Linux | 9.0 | - | Affected
Debian | Debian Linux | 10.0 | - | Affected