GSD-2023-0654

Vulnerability from gsd - Updated: 2023-12-13 01:20
Details
Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim's device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker's app.
Aliases
Aliases
CVE-2023-0654
To clipboard 

{
  "GSD": {
    "alias": "CVE-2023-0654",
    "id": "GSD-2023-0654"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-0654"
      ],
      "details": "Due to a misconfiguration, the WARP Mobile Client (\u003c 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim\u0027s device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker\u0027s app.\n\n",
      "id": "GSD-2023-0654",
      "modified": "2023-12-13T01:20:22.212926Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cna@cloudflare.com",
        "ID": "CVE-2023-0654",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "WARP Client",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected",
                            "versions": [
                              {
                                "changes": [
                                  {
                                    "at": "6.29",
                                    "status": "unaffected"
                                  }
                                ],
                                "lessThan": "6.29",
                                "status": "affected",
                                "version": "0",
                                "versionType": "patch"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cloudflare"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Due to a misconfiguration, the WARP Mobile Client (\u003c 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim\u0027s device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker\u0027s app.\n\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-1021",
                "lang": "eng",
                "value": "CWE-1021 Improper Restriction of Rendered UI Layers or Frames"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7",
            "refsource": "MISC",
            "url": "https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7"
          },
          {
            "name": "https://developers.cloudflare.com/warp-client/",
            "refsource": "MISC",
            "url": "https://developers.cloudflare.com/warp-client/"
          }
        ]
      },
      "source": {
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cloudflare:warp:*:*:*:*:*:android:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cna@cloudflare.com",
          "ID": "CVE-2023-0654"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Due to a misconfiguration, the WARP Mobile Client (\u003c 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim\u0027s device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker\u0027s app.\n\n"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-1021"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7"
            },
            {
              "name": "https://developers.cloudflare.com/warp-client/",
              "refsource": "MISC",
              "tags": [
                "Product"
              ],
              "url": "https://developers.cloudflare.com/warp-client/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 1.2,
          "impactScore": 2.5
        }
      },
      "lastModifiedDate": "2023-09-01T14:43Z",
      "publishedDate": "2023-08-29T16:15Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.