CVE-2021-38492 - OpenCVE

When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows
Mozilla	Firefox Esr Firefox Thunderbird

Configuration 1 [-]

AND

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

References

Link	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1721107	Exploit Issue Tracking Vendor Advisory
https://security.gentoo.org/glsa/202208-14	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2021-38/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2021-39/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2021-40/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2021-41/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2021-42/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mozilla

Published: 2021-11-03T00:03:56

Updated: 2022-08-10T06:08:40

Reserved: 2021-08-10T00:00:00

Link: CVE-2021-38492

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-11-03T01:15:07.200

Modified: 2022-12-09T19:19:12.667

Link: CVE-2021-38492

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "92", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "91.1", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "78.14", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "78.14", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "91.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1."}], "problemTypes": [{"descriptions": [{"description": "Navigating to `mk:` URL scheme could load Internet Explorer", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-10T06:08:40", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-40/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-41/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-38/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-42/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-39/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1721107"}, {"name": "GLSA-202208-14", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202208-14"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-38492", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "92"}]}}, {"product_name": "Thunderbird", "version": {"version_data": [{"version_affected": "<", "version_value": "91.1"}, {"version_affected": "<", "version_value": "78.14"}]}}, {"product_name": "Firefox ESR", "version": {"version_data": [{"version_affected": "<", "version_value": "78.14"}, {"version_affected": "<", "version_value": "91.1"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Navigating to `mk:` URL scheme could load Internet Explorer"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2021-40/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-40/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2021-41/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-41/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2021-38/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-38/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2021-42/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-42/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2021-39/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-39/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1721107", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1721107"}, {"name": "GLSA-202208-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-14"}]}}}}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-38492", "datePublished": "2021-11-03T00:03:56", "dateReserved": "2021-08-10T00:00:00", "dateUpdated": "2022-08-10T06:08:40", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "117CF1EF-253C-4D02-96C4-EA184FC46C3A", "versionEndExcluding": "92.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF306B4F-A578-4935-82BC-190F160F00CD", "versionEndExcluding": "78.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "7E7D501C-F35F-4EAF-AC72-CC6B79405B6A", "versionEndExcluding": "91.1", "versionStartIncluding": "91.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "78AEE0F9-48F7-4838-9F35-286964487A5C", "versionEndExcluding": "78.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "808DBD53-8A8F-4695-951C-DAF9AA17462E", "versionEndExcluding": "91.1", "versionStartIncluding": "91.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1."}, {"lang": "es", "value": "Cuando se delegaba la navegaci\u00f3n al sistema operativo, Firefox aceptaba el esquema \"mk\" que pod\u00eda permitir a atacantes lanzar p\u00e1ginas y ejecutar scripts en Internet Explorer en modo no privilegiado. *Este bug s\u00f3lo afecta a Firefox para Windows. Los dem\u00e1s sistemas operativos no est\u00e1n afectados*. Esta vulnerabilidad afecta a Firefox versiones anteriores a 92, Thunderbird versiones anteriores a 91.1, Thunderbird versiones anteriores a 78.14, Firefox ESR versiones anteriores a 78.14 y Firefox ESR versiones anteriores a 91.1"}], "id": "CVE-2021-38492", "lastModified": "2022-12-09T19:19:12.667", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-11-03T01:15:07.200", "references": [{"source": "security@mozilla.org", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1721107"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202208-14"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-38/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-39/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-40/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-41/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-42/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}