Vulnerability Details : CVE-2021-33593
Whale browser for iOS before 1.14.0 has an inconsistent user interface issue that allows an attacker to obfuscate the address bar which may lead to address bar spoofing.
Products affected by CVE-2021-33593
- cpe:2.3:a:navercorp:whale:*:*:*:*:*:iphone_os:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-33593
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 28 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-33593
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST | |
5.3
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
3.9
|
1.4
|
NIST |
CWE ids for CVE-2021-33593
-
The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.Assigned by: cve@navercorp.com (Secondary)
References for CVE-2021-33593
-
https://cve.naver.com/detail/cve-2021-43059
NAVER Security AdvisoryBroken Link;Not Applicable
Jump to