6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.9 High
AI Score
Confidence
High
0.022 Low
EPSS
Percentile
89.4%
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges.
Below is a complete list of vulnerabilities:
CVE-2021-30538 warning
CVE-2021-30540 high
CVE-2021-30533 high
CVE-2021-30527 critical
CVE-2021-30522 critical
CVE-2021-30521 critical
CVE-2021-30531 high
CVE-2021-30523 critical
CVE-2021-30524 critical
CVE-2021-30535 critical
CVE-2021-30526 critical
CVE-2021-30530 critical
CVE-2021-30525 critical
CVE-2021-30539 high
CVE-2021-30529 critical
CVE-2021-30528 critical
CVE-2021-30532 warning
CVE-2021-30537 warning
CVE-2021-30534 high
CVE-2021-30536 critical
CVE-2021-31982 critical
CVE-2021-31937 critical
Install necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option)
Microsoft Edge update settings
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30521
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30522
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30523
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30524
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30525
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30526
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30527
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30528
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30529
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30530
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30531
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30532
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30533
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30534
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30535
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30536
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30537
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30538
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30539
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-30540
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-31937
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-31982
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Edge/
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.9 High
AI Score
Confidence
High
0.022 Low
EPSS
Percentile
89.4%