Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-11703

Опубликовано: 26 нояб. 2024
Источник: redhat
CVSS3: 5.3

Описание

On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox < 133.

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication.

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10firefoxNot affected
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 7firefoxNot affected
Red Hat Enterprise Linux 8firefoxNot affected
Red Hat Enterprise Linux 9firefoxNot affected
Red Hat Enterprise Linux 9firefox:flatpak/firefoxNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-288
https://bugzilla.redhat.com/show_bug.cgi?id=2328937firefox: thunderbird: Password access without authentication via PIN bypass on Android

5.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-11703

CVSS3: 5.7
ubuntu
12 месяцев назад

On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox < 133.

nvd логотип

CVE-2024-11703

CVSS3: 5.7
nvd
12 месяцев назад

On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox < 133.

debian логотип

CVE-2024-11703

CVSS3: 5.7
debian
12 месяцев назад

On Android, Firefox may have inadvertently allowed viewing saved passw ...

github логотип

GHSA-wjq6-6xvc-xr82

CVSS3: 9.1
github
12 месяцев назад

On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox < 133.

fstec логотип

BDU:2024-10546

CVSS3: 5.3
fstec
12 месяцев назад

Уязвимость браузера Mozilla Firefox операционных систем Android, связанная с обходом процедуры аутентификации посредством использования PIN-кода устройства, позволить нарушителю получить несанкционированный доступ к защищаемой информации

5.3 Medium

CVSS3