4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
4.2 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
4.3 Medium
AI Score
Confidence
High
0.325 Low
EPSS
Percentile
97.1%
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka âMicrosoft Edge Security Feature Bypass Vulnerability.â This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft:edge | microsoft edge | eq | * |
[
{
"product": "Edge",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Edge"
}
]
}
]
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
4.2 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
4.3 Medium
AI Score
Confidence
High
0.325 Low
EPSS
Percentile
97.1%