DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2021-34475", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-34475", "description": "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", "published": "2022-11-25T16:23:22", "modified": "2022-11-25T16:23:22", "cvss": {}, "cvss2": {}, "cvss3": {}, "href": "", "reporter": "candidate", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2022-11-25T16:23:22", "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "attackerkb", "idList": ["AKB:199E11A9-43A2-4B08-BB13-E8477269BD74"]}, {"type": "kaspersky", "idList": ["KLA12212"]}, {"type": "mscve", "idList": ["MS:CVE-2021-34475"]}, {"type": "nessus", "idList": ["MICROSOFT_EDGE_CHROMIUM_91_0_864_59.NASL"]}]}, "score": {"value": 1.5, "vector": "NONE"}, "vulnersScore": 1.5}, "_state": {"dependencies": 1669393435, "score": 1669393643}, "_internal": {"score_hash": "b3391e6949e92448a86b80f2a078816c"}, "cna_cvss": {}, "cpe": [], "cpe23": [], "cwe": [], "affectedSoftware": [], "affectedConfiguration": [], "cpeConfiguration": {}, "extraReferences": []}

{"attackerkb": [{"lastseen": "2021-07-20T20:09:15", "description": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.\n\n \n**Recent assessments:** \n \n**NinjaOperator** at June 24, 2021 6:52pm UTC reported:\n\nMicrosoft Edge contains an elevation of privilege vulnerability that could allow actors to escalate privileges.\n\nSource: <https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34475>\n\nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {}, "published": "2021-06-09T00:00:00", "type": "attackerkb", "title": "CVE-2021-34475", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-34475"], "modified": "2021-06-09T00:00:00", "id": "AKB:199E11A9-43A2-4B08-BB13-E8477269BD74", "href": "https://attackerkb.com/topics/8LqARWIa9k/cve-2021-34475", "cvss": {"score": 0.0, "vector": "NONE"}}], "mscve": [{"lastseen": "2022-10-03T16:26:24", "description": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", "edition": 1, "cvss3": {}, "published": "2021-06-24T07:00:00", "type": "mscve", "title": "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2021-34475"], "modified": "2021-09-21T07:00:00", "id": "MS:CVE-2021-34475", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34475", "cvss": {"score": 0.0, "vector": "NONE"}}], "nessus": [{"lastseen": "2023-01-11T14:50:35", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 91.0.864.59. It is, therefore, affected by multiple vulnerabilities as referenced in the June 24, 2021 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-06-25T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 91.0.864.59 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34475", "CVE-2021-34506"], "modified": "2021-06-25T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_91_0_864_59.NASL", "href": "https://www.tenable.com/plugins/nessus/150999", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150999);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/25\");\n\n script_cve_id(\"CVE-2021-34475\", \"CVE-2021-34506\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 91.0.864.59 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 91.0.864.59. It is, therefore, affected\nby multiple vulnerabilities as referenced in the June 24, 2021 advisory. Note that Nessus has not tested for this issue\nbut has instead relied only on the application's self-reported version number.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#june-24-2021\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fcf1608e\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34475\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34506\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 91.0.864.59 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-34506\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\napp_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nconstraints = [\n { 'fixed_version' : '91.0.864.59' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2021-12-22T23:17:26", "description": "### *Detect date*:\n06/24/2021\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions.\n\n### *Affected products*:\nMicrosoft Edge (Chromium-based)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-34475](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34475>) \n[CVE-2021-34506](<https://api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34506>) \n\n\n### *Impacts*:\nSB \n\n### *Related products*:\n[Microsoft Edge](<https://threats.kaspersky.com/en/product/Microsoft-Edge/>)\n\n### *Microsoft official advisories*:", "cvss3": {}, "published": "2021-06-24T00:00:00", "type": "kaspersky", "title": "KLA12212 Multiple vulnerabilities in Microsoft Browser", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-34475", "CVE-2021-34506"], "modified": "2021-07-08T00:00:00", "id": "KLA12212", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12212/", "cvss": {"score": 0.0, "vector": "NONE"}}]}