Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2022-4923
HistoryJul 29, 2023 - 12:15 a.m.

CVE-2022-4923

2023-07-2900:15:11
Debian Security Bug Tracker
security-tracker.debian.org
14
omnibox
google chrome
privileged network
man-in-the-middle
attack
malicious network traffic
chromium
low severity
unix

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N

EPSS

0.001

Percentile

28.4%

Inappropriate implementation in Omnibox in Google Chrome prior to 99.0.4844.51 allowed an attacker in a privileged network position to perform a man-in-the-middle attack via malicious network traffic. (Chromium security severity: Low)

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N

EPSS

0.001

Percentile

28.4%