Vulnerability Details : CVE-2021-29978
Potential exploit
Multiple low security issues were discovered and fixed in the Mozilla VPN 2.x branch as part of a third-party security audit. This vulnerability affects Mozilla VPN < 2.3.
Products affected by CVE-2021-29978
- cpe:2.3:a:mozilla:mozilla_vpn:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-29978
- 1.03%: Probability of exploitation activity in the next 30 days
- ~75%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-29978
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
References for CVE-2021-29978
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/801
  FVP-02-006 WP3: Race condition in Ping Sender could expose gateway IP · Issue #801 · mozilla-mobile/mozilla-vpn-client · GitHub [Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/808
  FVP-02-012 WP5: Unencrypted shared preferences · Issue #808 · mozilla-mobile/mozilla-vpn-client · GitHub [Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/806
  FVP-02-011 API: Information disclosure via device endpoint · Issue #806 · mozilla-mobile/mozilla-vpn-client · GitHub [Exploit; Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/804
  FVP-02-009 WP5: Secure flag missing on views for Android app · Issue #804 · mozilla-mobile/mozilla-vpn-client · GitHub [Third Party Advisory]
- https://www.mozilla.org/security/advisories/mfsa2021-31/
  Multiple Low Security Issues in Mozilla VPN — Mozilla [Vendor Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/799
  FVP-02-004 WP4: ATS policy unnecessarily weakened · Issue #799 · mozilla-mobile/mozilla-vpn-client · GitHub [Exploit; Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/810
  FVP-02-014 General: Cross-site WebSocket hijacking · Issue #810 · mozilla-mobile/mozilla-vpn-client · GitHub [Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/805
  FVP-02-010 WP5: Android app supports insecure v1 signature · Issue #805 · mozilla-mobile/mozilla-vpn-client · GitHub [Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/798
  FVP-02-003 General: Balrog incorrectly verifies certificate chain · Issue #798 · mozilla-mobile/mozilla-vpn-client · GitHub [Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/809
  FVP-02-013 WP5: Android app exposes sensitive data to system logs · Issue #809 · mozilla-mobile/mozilla-vpn-client · GitHub [Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/pull/816
  FVP-02-005 WP1-3: Authenticationlistener allows disturbance of login by bakulf · Pull Request #816 · mozilla-mobile/mozilla-vpn-client · GitHub [Patch; Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/803
  FVP-02-008 WP5: Android app allows backups of application data · Issue #803 · mozilla-mobile/mozilla-vpn-client · GitHub [Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/800
  FVP-02-005 WP1-3: Authenticationlistener allows disturbance of login · Issue #800 · mozilla-mobile/mozilla-vpn-client · GitHub [Exploit; Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/812
  FVP-02-016 OAuth: Auth code could be leaked by injecting port · Issue #812 · mozilla-mobile/mozilla-vpn-client · GitHub [Third Party Advisory]
- https://github.com/mozilla-mobile/mozilla-vpn-client/issues/797
  FVP-02-002 WP1: Balrog does not verify certificate chain on macOS · Issue #797 · mozilla-mobile/mozilla-vpn-client · GitHub [Third Party Advisory]