CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
93.7%
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, obtain sensitive information.
Below is a complete list of vulnerabilities:
CVE-2021-30622 critical
CVE-2021-30624 critical
CVE-2021-30620 critical
CVE-2021-30621 high
CVE-2021-30613 critical
CVE-2021-30607 critical
CVE-2021-30618 critical
CVE-2021-30609 critical
CVE-2021-30611 critical
CVE-2021-30610 critical
CVE-2021-30616 critical
CVE-2021-30606 critical
CVE-2021-30619 high
CVE-2021-30608 critical
CVE-2021-30612 critical
CVE-2021-30615 high
CVE-2021-30623 critical
CVE-2021-30617 high
CVE-2021-30614 critical
CVE-2021-26439 warning
CVE-2021-26436 high
CVE-2021-36930 high
CVE-2021-38641 high
CVE-2021-38642 high
Install necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option)
Microsoft Edge update settings
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Code injection. Exploitation of vulnerabilities with this impact can lead to changes in target code.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
nvd.nist.gov/vuln/detail/CVE-2021-26436
nvd.nist.gov/vuln/detail/CVE-2021-26439
nvd.nist.gov/vuln/detail/CVE-2021-30606
nvd.nist.gov/vuln/detail/CVE-2021-30607
nvd.nist.gov/vuln/detail/CVE-2021-30608
nvd.nist.gov/vuln/detail/CVE-2021-30609
nvd.nist.gov/vuln/detail/CVE-2021-30610
nvd.nist.gov/vuln/detail/CVE-2021-30611
nvd.nist.gov/vuln/detail/CVE-2021-30612
nvd.nist.gov/vuln/detail/CVE-2021-30613
nvd.nist.gov/vuln/detail/CVE-2021-30614
nvd.nist.gov/vuln/detail/CVE-2021-30615
nvd.nist.gov/vuln/detail/CVE-2021-30616
nvd.nist.gov/vuln/detail/CVE-2021-30617
nvd.nist.gov/vuln/detail/CVE-2021-30618
nvd.nist.gov/vuln/detail/CVE-2021-30619
nvd.nist.gov/vuln/detail/CVE-2021-30620
nvd.nist.gov/vuln/detail/CVE-2021-30621
nvd.nist.gov/vuln/detail/CVE-2021-30622
nvd.nist.gov/vuln/detail/CVE-2021-30623
nvd.nist.gov/vuln/detail/CVE-2021-30624
nvd.nist.gov/vuln/detail/CVE-2021-36930
nvd.nist.gov/vuln/detail/CVE-2021-38641
nvd.nist.gov/vuln/detail/CVE-2021-38642
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Edge/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
93.7%