Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2017-0233
HistoryMay 12, 2017 - 2:29 p.m.

CVE-2017-0233

2017-05-1214:29:00
NVD-CWE-noinfo
[email protected]
web.nvd.nist.gov
50
microsoft edge
elevation of privilege
vulnerability
cve-2017-0233
appcontainer sandbox
nvd

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

6.3 Medium

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.9%

JSON

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka “Microsoft Edge Elevation of Privilege Vulnerability.” This CVE ID is unique from CVE-2017-0241.

VendorProductVersionCPE
microsoft corporationedgeWindows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, Windows 10 Version 1511 for x64-based Systems, Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems.cpe:2.3:a:microsoft corporation:edge:Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, Windows 10 Version 1511 for x64-based Systems, Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems.:*:*:*:*:*:*:*

Related

prion 2
cve 1
symantec 2
mscve 2
zdi 1
kaspersky 1
nessus 4
openvas 4
mskb 4
trendmicroblog 1
prion
prion
Privilege escalation
2017-05-12 14:29:00
Privilege escalation
2017-05-12 14:29:00
cve
cve
CVE-2017-0241
2017-05-12 14:29:00
symantec
symantec
Microsoft Edge CVE-2017-0233 Remote Privilege Escalation Vulnerability
2017-05-09 00:00:00
Microsoft Edge CVE-2017-0241 Remote Privilege Escalation Vulnerability
2017-05-09 00:00:00
mscve
mscve
Microsoft Edge Elevation of Privilege Vulnerability
2017-05-09 07:00:00
Microsoft Edge Elevation of Privilege Vulnerability
2017-05-09 07:00:00
zdi
zdi
(Pwn2Own) Microsoft Edge WriteClassesOfCategory DLL Planting Sandbox Escape Vulnerability
2017-05-10 00:00:00
kaspersky
kaspersky
KLA11002 Multiple vulnerabilities in Microsoft Browser
2017-05-09 00:00:00
nessus
nessus
KB4019474: Windows 10 Version 1507 May 2017 Cumulative Update
2017-05-09 00:00:00
KB4019473: Windows 10 Version 1511 May 2017 Cumulative Update
2017-05-09 00:00:00
KB4016871: Windows 10 Version 1703 May 2017 Cumulative Update
2017-05-09 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4019474)
2017-05-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4019473)
2017-05-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4019472)
2017-05-10 00:00:00
mskb
mskb
May 9, 2017—KB4019473 (OS Build 10586.916)
2017-05-09 07:00:00
May 9, 2017—KB4019474 (OS Build 10240.17394)
2017-05-09 07:00:00
May 9, 2017—KB4016871 (OS Build 15063.296 and 15063.297)
2017-05-19 07:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 8, 2017
2017-05-12 16:47:57

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

6.3 Medium

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.9%

JSON
Related for CVE-2017-0233
prion2cve1symantec2mscve2zdi1kaspersky1nessus4openvas4mskb4trendmicroblog1