Lucene search
HistoryJun 09, 2020 - 8:15 p.m.
CVE-2020-1220
cve-2020-1220
spoofing
vulnerability
microsoft edge
chromium-based
ie mode
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.9 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.5%
A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka âMicrosoft Edge (Chromium-based) in IE Mode Spoofing Vulnerabilityâ.
Affected configurations
Node
microsoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
ORmicrosoftedge_chromiumMatchunspecified
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | edge_chromium | unspecified | cpe:2.3:a:microsoft:edge_chromium:unspecified:*:*:*:*:*:*:* |
| microsoft | edge_chromium | unspecified | cpe:2.3:a:microsoft:edge_chromium:unspecified:*:*:*:*:*:*:* |
| microsoft | edge_chromium | unspecified | cpe:2.3:a:microsoft:edge_chromium:unspecified:*:*:*:*:*:*:* |
| microsoft | edge_chromium | unspecified | cpe:2.3:a:microsoft:edge_chromium:unspecified:*:*:*:*:*:*:* |
| microsoft | edge_chromium | unspecified | cpe:2.3:a:microsoft:edge_chromium:unspecified:*:*:*:*:*:*:* |
| microsoft | edge_chromium | unspecified | cpe:2.3:a:microsoft:edge_chromium:unspecified:*:*:*:*:*:*:* |
| microsoft | edge_chromium | unspecified | cpe:2.3:a:microsoft:edge_chromium:unspecified:*:*:*:*:*:*:* |
| microsoft | edge_chromium | unspecified | cpe:2.3:a:microsoft:edge_chromium:unspecified:*:*:*:*:*:*:* |
| microsoft | edge_chromium | unspecified | cpe:2.3:a:microsoft:edge_chromium:unspecified:*:*:*:*:*:*:* |
| microsoft | edge_chromium | unspecified | cpe:2.3:a:microsoft:edge_chromium:unspecified:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 2004 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 2004 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows RT 8.1",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 2004 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 7 for x64-based Systems Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 8.1 for 32-bit systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 8.1 for x64-based systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (Chromium-based) in IE Mode on Windows 7 for 32-bit Systems Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
]Related
prion
prion
Spoofing
2020-06-09 20:15:00
mscve
mscve
Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability
2020-06-09 07:00:00
cvelist
cvelist
CVE-2020-1220
2020-06-09 19:43:29
nvd
nvd
CVE-2020-1220
2020-06-09 20:15:15
mskb
mskb
Cumulative security update for Internet Explorer: June 9, 2020
2020-06-09 07:00:00
June 9, 2020âKB4561643 (Monthly Rollup)
2020-06-09 07:00:00
June 9, 2020âKB4561612 (Monthly Rollup)
2020-06-09 07:00:00
kaspersky
kaspersky
KLA11813 Multiple vulnerabilities in Microsoft Browsers
2020-06-09 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4561643)
2020-06-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4561612)
2020-06-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4561666)
2020-06-10 00:00:00
nessus
nessus
KB4561669: Windows 7 and Windows Server 2008 R2 June 2020 Security Update
2020-06-09 00:00:00
KB4561674: Windows Server 2012 June 2020 Security Update
2020-06-09 00:00:00
KB4561673: Windows 8.1 and Windows Server 2012 R2 June 2020 Security Update
2020-06-09 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday June 2020: The Bleeding Ghost of SMB
2020-06-23 01:31:46
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.9 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.5%
Related for CVE-2020-1220