Vulnerability-Lookup - Search a vulnerability

All the vulnerabilites related to J’s Communication Co., Ltd. - RevoWorks Browser

cve-2021-20791

Vulnerability from cvelistv5

Published

2021-09-17 01:40

Modified

2024-08-03 17:53

Severity ?

Summary

Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to bypass access restriction and to exchange unauthorized files between the local environment and the isolated environment or settings of the web browser via unspecified vectors.

References

▼	URL	Tags
	https://jscom.jp/news-20210910_2/	x_refsource_MISC
	https://jvn.jp/en/jp/JVN81658818/index.html	x_refsource_MISC

Impacted products

▼	Vendor	Product
	J’s Communication Co., Ltd.	RevoWorks Browser

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:53:22.425Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jscom.jp/news-20210910_2/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/jp/JVN81658818/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "RevoWorks Browser",
          "vendor": "J\u2019s Communication Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "2.1.230 and earlier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to bypass access restriction and to exchange unauthorized files between the local environment and the isolated environment or settings of the web browser via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Access Control",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-17T01:40:24",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jscom.jp/news-20210910_2/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jvn.jp/en/jp/JVN81658818/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2021-20791",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "RevoWorks Browser",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.1.230 and earlier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "J\u2019s Communication Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to bypass access restriction and to exchange unauthorized files between the local environment and the isolated environment or settings of the web browser via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Improper Access Control"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://jscom.jp/news-20210910_2/",
              "refsource": "MISC",
              "url": "https://jscom.jp/news-20210910_2/"
            },
            {
              "name": "https://jvn.jp/en/jp/JVN81658818/index.html",
              "refsource": "MISC",
              "url": "https://jvn.jp/en/jp/JVN81658818/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2021-20791",
    "datePublished": "2021-09-17T01:40:25",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:53:22.425Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20790