CVE-2022-23263

Опубликовано: 03 фев. 2022

Источник: msrc

CVSS3: 7.7

EPSS Низкий

Описание

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

FAQ

What is the version information for this release?

Microsoft Edge Version	Date Released	Based on Chromium Version
98.0.1108.43	2/3/2022	98.0.4758.80

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

This vulnerability could lead to a browser sandbox escape.

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 78%

0.01176

Низкий

7.7 High

CVSS3

Связанные уязвимости

CVE-2022-23263

CVSS3: 7.7

nvd

почти 4 года назад

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

GHSA-v22g-4vp7-v5cj

CVSS3: 7.7

github

почти 4 года назад

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23262.

BDU:2022-00951

CVSS3: 7.7

fstec

около 4 лет назад

Уязвимость браузера Microsoft Edge, связанная с небезопасным управлением привилегиями, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 78%

0.01176

Низкий

7.7 High

CVSS3