CVE-2021-34475

Опубликовано: 21 сент. 2021

Источник: msrc

CVSS3: 5.4

EPSS Низкий

Описание

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

FAQ

What is the version information for this release?

Microsoft Edge Version	Date Released	Based on Chromium Version
91.0.864.59	6/24/2021	91.0.4472.101

According to the CVSS metrics, successful exploitation of this vulnerability could lead to minor loss of confidentiality (C:L), integrity (I:L) and availability (A:N). What does that mean for this vulnerability?

There are limited impact to Confidentiality and Integrity and no Avaibility impact from exploiting this vulnerability. An attacker would need to combine this with other vulnerabilities to perform an attack.

Возможность эксплуатации

Publicly Disclosed

Exploited

DOS

N/A

EPSS

Процентиль: 46%

0.00231

Низкий

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2021-34475

CVSS3: 5.4

nvd

больше 2 лет назад

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

GHSA-6m6g-mxrq-m2p2

CVSS3: 5.4

github

больше 2 лет назад

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

BDU:2021-03318

CVSS3: 5.4

fstec

больше 4 лет назад

Уязвимость браузера Microsoft Edge, связанная с ошибками управления привилегиями, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 46%

0.00231

Низкий

5.4 Medium

CVSS3