CVE-2021-1799
MEDIUMSafari < 14.0.3 - Port Redirection via Malicious Website
Title source: llmDescription
A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on arbitrary servers.
References (8)
Core 8
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212147
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212146
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212148
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212149
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT212152
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3L6ZZOU5JS7E3RFYGLP7UFLXCG7TNLU/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN6ZOD62CTO54CHTMJTHVEF6R2Y532TJ/
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/202104-03
Scores
CVSS v3
6.5
EPSS
0.0177
EPSS Percentile
75.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
Status
published
Products (9)
apple/ipad_os
< 14.4
apple/iphone_os
< 14.4
apple/macos
11.0.1 - 11.2
apple/safari
< 14.0.3
apple/tvos
< 14.4
apple/watchos
< 7.3
fedoraproject/fedora
32
fedoraproject/fedora
33
webkitgtk/webkitgtk
< 2.30.6
Published
Apr 02, 2021
Tracked Since
Feb 18, 2026