{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T01:17:10.434","vulnerabilities":[{"cve":{"id":"CVE-2021-20791","sourceIdentifier":"vultures@jpcert.or.jp","published":"2021-09-17T02:15:06.930","lastModified":"2026-06-17T03:34:27.567","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to bypass access restriction and to exchange unauthorized files between the local environment and the isolated environment or settings of the web browser via unspecified vectors."},{"lang":"es","value":"Una vulnerabilidad de control de acceso inapropiado en RevoWorks Browser versión 2.1.230 y anteriores, permite a un atacante omitir la restricción de acceso e intercambiar archivos no autorizados entre el entorno local y el entorno aislado o la configuración del navegador web por medio de vectores no especificados"}],"affected":[{"source":"vultures@jpcert.or.jp","affectedData":[{"vendor":"J’s Communication Co., Ltd.","product":"RevoWorks Browser","versions":[{"version":"2.1.230 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jscom:revoworks_browser:*:*:*:*:*:*:*:*","versionStartIncluding":"2.1.197","versionEndIncluding":"2.1.230","matchCriteriaId":"F0FD279B-E286-4521-AF7D-0F0EDC2193E0"}]}]}],"references":[{"url":"https://jscom.jp/news-20210910_2/","source":"vultures@jpcert.or.jp","tags":["Vendor Advisory"]},{"url":"https://jvn.jp/en/jp/JVN81658818/index.html","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory"]},{"url":"https://jscom.jp/news-20210910_2/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://jvn.jp/en/jp/JVN81658818/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}