CVE-2022-26899

Опубликовано: 17 мар. 2022

Источник: msrc

CVSS3: 6.3

EPSS Низкий

Описание

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

FAQ

What is the version information for this release?

Microsoft Edge Version	Date Released	Based on Chromium Version
99.0.1150.46	3/17/2022	99.0.4844.74

According to the CVSS metrics, successful exploitation of this vulnerability could lead to minor loss of confidentiality (C:L), integrity (I:L) and availability (A:L). What does that mean for this vulnerability?

While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker would need to combine this with other vulnerabilities to perform an attack.

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 56%

0.00337

Низкий

6.3 Medium

CVSS3

Связанные уязвимости

CVE-2022-26899

CVSS3: 6.3

nvd

больше 2 лет назад

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

GHSA-ww59-8fxw-pg36

CVSS3: 6.3

github

больше 2 лет назад

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

BDU:2022-01524

CVSS3: 7.3

fstec

почти 4 года назад

Уязвимость браузера Microsoft Edge, связанная с неверным управлением генерацией кода, позволяющая нарушителю обойти ограничения безопасности и повысить свои привилегии

EPSS

Процентиль: 56%

0.00337

Низкий

6.3 Medium

CVSS3