CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
76.8%
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, obtain sensitive information.
Below is a complete list of vulnerabilities:
CVE-2021-37986 critical
CVE-2021-37984 critical
CVE-2021-37993 critical
CVE-2021-37981 critical
CVE-2021-37985 critical
CVE-2021-37995 high
CVE-2021-37991 critical
CVE-2021-37983 critical
CVE-2021-37989 high
CVE-2021-37988 critical
CVE-2021-37990 high
CVE-2021-37994 high
CVE-2021-37982 critical
CVE-2021-37996 high
CVE-2021-37992 critical
CVE-2021-37987 critical
CVE-2021-42307 warning
Install necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option)
Microsoft Edge update settings
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
nvd.nist.gov/vuln/detail/CVE-2021-37981
nvd.nist.gov/vuln/detail/CVE-2021-37982
nvd.nist.gov/vuln/detail/CVE-2021-37983
nvd.nist.gov/vuln/detail/CVE-2021-37984
nvd.nist.gov/vuln/detail/CVE-2021-37985
nvd.nist.gov/vuln/detail/CVE-2021-37986
nvd.nist.gov/vuln/detail/CVE-2021-37987
nvd.nist.gov/vuln/detail/CVE-2021-37988
nvd.nist.gov/vuln/detail/CVE-2021-37989
nvd.nist.gov/vuln/detail/CVE-2021-37990
nvd.nist.gov/vuln/detail/CVE-2021-37991
nvd.nist.gov/vuln/detail/CVE-2021-37992
nvd.nist.gov/vuln/detail/CVE-2021-37993
nvd.nist.gov/vuln/detail/CVE-2021-37994
nvd.nist.gov/vuln/detail/CVE-2021-37995
nvd.nist.gov/vuln/detail/CVE-2021-37996
nvd.nist.gov/vuln/detail/CVE-2021-42307
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Edge/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
76.8%