CVE-2021-24000 - OpenCVE

A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type="file">) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to. This vulnerability affects Firefox < 88.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:H/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mozilla	Firefox

Configuration 1 [-]

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://bugzilla.mozilla.org/show_bug.cgi?id=1694698
https://www.mozilla.org/security/advisories/mfsa2021-16/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2021-06-24T13:20:48

Updated: 2024-08-03T19:14:10.064Z

Reserved: 2021-01-13T00:00:00

Link: CVE-2021-24000

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-06-24T14:15:09.513

Modified: 2023-08-08T14:22:24.967

Link: CVE-2021-24000

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "88", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type=\"file\">) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to. This vulnerability affects Firefox < 88."}], "problemTypes": [{"descriptions": [{"description": "requestPointerLock() could be applied to a tab different from the visible tab", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-24T13:20:48", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-16/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1694698"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-24000", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "88"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type=\"file\">) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to. This vulnerability affects Firefox < 88."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "requestPointerLock() could be applied to a tab different from the visible tab"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2021-16/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-16/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1694698", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1694698"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T19:14:10.064Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-16/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1694698"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-24000", "datePublished": "2021-06-24T13:20:48", "dateReserved": "2021-01-13T00:00:00", "dateUpdated": "2024-08-03T19:14:10.064Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "05F82833-4C58-4D1A-B9FC-EDBE88FF93EA", "versionEndExcluding": "88.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type=\"file\">) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to. This vulnerability affects Firefox < 88."}, {"lang": "es", "value": "Una condici\u00f3n de carrera con las funciones requestPointerLock() y setTimeout() podr\u00eda haber resultado en un usuario interactuando con una pesta\u00f1a cuando cre\u00eda que estaba en una pesta\u00f1a separada. En conjunci\u00f3n con determinados elementos (como <input type=\"file\">) esto podr\u00eda haber conllevado a un ataque donde un usuario se confundiera sobre el origen de la p\u00e1gina web y potencialmente revelara informaci\u00f3n que no pretend\u00eda. Esta vulnerabilidad afecta a Firefox versiones anteriores a 88"}], "id": "CVE-2021-24000", "lastModified": "2023-08-08T14:22:24.967", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-24T14:15:09.513", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1694698"}, {"source": "security@mozilla.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-16/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}