Search for vulnerabilities
Vulnerability details: VCID-8gqz-bpzt-aaam
Vulnerability ID VCID-8gqz-bpzt-aaam
Aliases CVE-2023-32205
Summary In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-451 User Interface (UI) Misrepresentation of Critical Information
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32205.json
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00115 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00115 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00115 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00115 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00115 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00115 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00138 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00138 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00143 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00144 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00144 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00144 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00144 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00144 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.00495 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
epss 0.01171 https://api.first.org/data/v1/epss?cve=CVE-2023-32205
cvssv3 4.3 https://nvd.nist.gov/vuln/detail/CVE-2023-32205
cvssv3.1 4.3 https://nvd.nist.gov/vuln/detail/CVE-2023-32205
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2023-16
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2023-17
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2023-18
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32205.json
https://api.first.org/data/v1/epss?cve=CVE-2023-32205
https://bugzilla.mozilla.org/show_bug.cgi?id=1753339
https://bugzilla.mozilla.org/show_bug.cgi?id=1753341
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32205
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32206
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32207
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32211
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32212
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32213
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32215
https://security.gentoo.org/glsa/202312-03
https://www.mozilla.org/security/advisories/mfsa2023-16/
https://www.mozilla.org/security/advisories/mfsa2023-17/
https://www.mozilla.org/security/advisories/mfsa2023-18/
2196736 https://bugzilla.redhat.com/show_bug.cgi?id=2196736
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
CVE-2023-32205 https://nvd.nist.gov/vuln/detail/CVE-2023-32205
GLSA-202401-10 https://security.gentoo.org/glsa/202401-10
mfsa2023-16 https://www.mozilla.org/en-US/security/advisories/mfsa2023-16
mfsa2023-17 https://www.mozilla.org/en-US/security/advisories/mfsa2023-17
mfsa2023-18 https://www.mozilla.org/en-US/security/advisories/mfsa2023-18
RHSA-2023:3137 https://access.redhat.com/errata/RHSA-2023:3137
RHSA-2023:3138 https://access.redhat.com/errata/RHSA-2023:3138
RHSA-2023:3139 https://access.redhat.com/errata/RHSA-2023:3139
RHSA-2023:3140 https://access.redhat.com/errata/RHSA-2023:3140
RHSA-2023:3141 https://access.redhat.com/errata/RHSA-2023:3141
RHSA-2023:3142 https://access.redhat.com/errata/RHSA-2023:3142
RHSA-2023:3143 https://access.redhat.com/errata/RHSA-2023:3143
RHSA-2023:3149 https://access.redhat.com/errata/RHSA-2023:3149
RHSA-2023:3150 https://access.redhat.com/errata/RHSA-2023:3150
RHSA-2023:3151 https://access.redhat.com/errata/RHSA-2023:3151
RHSA-2023:3152 https://access.redhat.com/errata/RHSA-2023:3152
RHSA-2023:3153 https://access.redhat.com/errata/RHSA-2023:3153
RHSA-2023:3154 https://access.redhat.com/errata/RHSA-2023:3154
RHSA-2023:3155 https://access.redhat.com/errata/RHSA-2023:3155
RHSA-2023:3220 https://access.redhat.com/errata/RHSA-2023:3220
RHSA-2023:3221 https://access.redhat.com/errata/RHSA-2023:3221
USN-6074-1 https://usn.ubuntu.com/6074-1/
USN-6075-1 https://usn.ubuntu.com/6075-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32205.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-32205
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-32205
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.45595
EPSS Score 0.00114
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.