CVE-2021-20834
N/A
N/A
Summary
Improper authorization in handler for custom URL scheme vulnerability in Nike App for Android versions prior to 2.177 and Nike App for iOS versions prior to 2.177.1 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Nike, Inc. | Nike App for Android versions prior to 2.177 and Nike App for iOS versions prior to 2.177.1 | Nike App for Android versions prior to 2.177 and Nike App for iOS versions prior to 2.177.1 | affected |
Weaknesses
- Improper Authorization in Handler for Custom URL Scheme
ADP Enrichment
CVE Program Container
Additional References
- https://play.google.com/store/apps/details?id=com.nike.omega
- https://apps.apple.com/app/nike/id1095459556
- https://jvn.jp/en/jp/JVN89126639/index.html
References
- https://play.google.com/store/apps/details?id=com.nike.omega
- https://apps.apple.com/app/nike/id1095459556
- https://jvn.jp/en/jp/JVN89126639/index.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.