CVE-2021-30720

CVSS v2.0

5.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Safari versions prior to 14.1.1 tvOS versions prior to 14.6 iOS versions prior to 14.6 iPadOS versions prior to 14.6 macOS Big Sur versions prior to 11.4 watchOS versions prior to 7.5

Description The issue is related to a logic problem with inadequate restrictions, which may allow a malicious website to access restricted ports on arbitrary servers. This could potentially lead to unauthorized access to confidential data and disruption of its integrity.

Recommendations For Safari version prior to 14.1.1, update to Safari 14.1.1 or later. For tvOS version prior to 14.6, update to tvOS 14.6 or later. For iOS version prior to 14.6, update to iOS 14.6 or later. For iPadOS version prior to 14.6, update to iPadOS 14.6 or later. For macOS Big Sur version prior to 11.4, update to macOS Big Sur 11.4 or later. For watchOS version prior to 7.5, update to watchOS 7.5 or later.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

ALSA-2021:4381

BDU:2022-00260

CESA-2021_4381

CVE-2021-30720

DSA-4945-1

MGASA-2021-0400

OPENSUSE-SU-2021:1101-1

OPENSUSE-SU-2021:2598-1

OPENSUSE-SU-2021_1101-1

OPENSUSE-SU-2021_2598-1

RHSA-2021:4381

RHSA-2021_4381

RHSA-2025:10364

RLSA-2021:4381

SUSE-SU-2021:2598-1

SUSE-SU-2021:2600-1

SUSE-SU-2021:2762-1

USN-5024-1

Affected Products

Almalinux

Astra Linux

Centos

Linuxmint

Apple Macos

Red Hat

Rocky Linux

Safari

Suse

Ubuntu

Ios

Ipados

Macos Big Sur

Tvos

Watchos

CVE-2021-30720

Weakness Enumeration

Related Identifiers

Affected Products

References · 166