{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-11701","assignerOrgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","state":"PUBLISHED","assignerShortName":"mozilla","dateReserved":"2024-11-25T16:29:40.915Z","datePublished":"2024-11-26T13:33:56.951Z","dateUpdated":"2024-11-27T15:44:38.510Z"},"containers":{"cna":{"affected":[{"product":"Firefox","vendor":"Mozilla","versions":[{"lessThan":"133","status":"affected","version":"unspecified","versionType":"custom"}]},{"product":"Thunderbird","vendor":"Mozilla","versions":[{"lessThan":"133","status":"affected","version":"unspecified","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133 and Thunderbird < 133.","supportingMedia":[{"type":"text/html","base64":false,"value":"The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133 and Thunderbird < 133."}]}],"problemTypes":[{"descriptions":[{"description":"Misleading Address Bar State During Navigation Interruption","lang":"en","type":"text"}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914797"},{"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"}],"credits":[{"lang":"en","value":"Daniel Holbert"}],"providerMetadata":{"orgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","shortName":"mozilla","dateUpdated":"2024-11-26T13:33:56.951Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-290","lang":"en","description":"CWE-290 Authentication Bypass by Spoofing"}]}],"affected":[{"vendor":"mozilla","product":"firefox","cpes":["cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"133","versionType":"custom"}]},{"vendor":"mozilla","product":"thunderbird","cpes":["cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"133","versionType":"custom"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":4.3,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","integrityImpact":"LOW","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-11-27T15:41:32.585177Z","id":"CVE-2024-11701","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-11-27T15:44:38.510Z"}}]}}