{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T17:50:56.883","vulnerabilities":[{"cve":{"id":"CVE-2023-0654","sourceIdentifier":"cna@cloudflare.com","published":"2023-08-29T16:15:08.747","lastModified":"2024-11-21T07:37:33.873","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim's device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker's app.\n\n"},{"lang":"es","value":"Debido a una mala configuración, el Cliente Móvil WARP (&lt; 6.29) para Android era susceptible a un ataque de tapjacking. En el caso de que un atacante creara una aplicación maliciosa y lograra instalarla en el dispositivo de una víctima, el atacante podría engañar al usuario para que creyera que la aplicación mostrada en pantalla era el cliente WARP cuando en realidad era la aplicación del atacante."}],"metrics":{"cvssMetricV31":[{"source":"cna@cloudflare.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N","baseScore":3.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":2.5}]},"weaknesses":[{"source":"cna@cloudflare.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1021"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1021"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cloudflare:warp:*:*:*:*:*:android:*:*","versionEndExcluding":"6.29","matchCriteriaId":"B2EF7B54-01B4-4588-83EF-FD8261AB795E"}]}]}],"references":[{"url":"https://developers.cloudflare.com/warp-client/","source":"cna@cloudflare.com","tags":["Product"]},{"url":"https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7","source":"cna@cloudflare.com","tags":["Third Party Advisory"]},{"url":"https://developers.cloudflare.com/warp-client/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/cloudflare/advisories/security/advisories/GHSA-5r97-pqv6-xpx7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}