Vigil@nce - WebRTC: information disclosure via Internal Address Leak
September 2020 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
Impacted products: Debian, Fedora, Chrome, Edge Chromium, Firefox, openSUSE Leap, Opera, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu, WebRTC.org.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 30/07/2020.
DESCRIPTION OF THE VULNERABILITY
An attacker can bypass access restrictions to data via Internal Address Leak of WebRTC, in order to obtain sensitive information.
