CVE-2021-22916

In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure.

CVSS v3 5.9 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://hackerone.com/reports/1203842	Third Party Advisory
https://hackerone.com/reports/1203842	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:brave:brave:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-07-12 11:15

Updated : 2024-11-21 05:50

NVD link : CVE-2021-22916

Mitre link : CVE-2021-22916

CVE.ORG link : CVE-2021-22916

JSON object : View

Products Affected

brave

brave

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-Other

{"id": "CVE-2021-22916", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2021-07-12T11:15:07.770", "references": [{"url": "https://hackerone.com/reports/1203842", "tags": ["Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://hackerone.com/reports/1203842", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "support@hackerone.com", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure."}, {"lang": "es", "value": "En Brave Desktop entre las versiones 1.17 y 1.26.60, cuando el adblocking est\u00e1 habilitado y una extensi\u00f3n de navegador proxy est\u00e1 instalada, la funcionalidad CNAME adblocking emite peticiones DNS que usaban la configuraci\u00f3n DNS del sistema en lugar de la configuraci\u00f3n proxy de la extensi\u00f3n, resultando en una posible divulgaci\u00f3n de informaci\u00f3n"}], "lastModified": "2024-11-21T05:50:54.547", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:brave:brave:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41D08F5F-EEE8-43E8-AA87-EF489B9DFD54", "versionEndIncluding": "1.26.60", "versionStartIncluding": "1.17.0"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}