CVE-2023-38158

Опубликовано: 21 авг. 2023

Источник: msrc

CVSS3: 3.1

EPSS Низкий

Описание

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

FAQ

What is the version information for this release?

Microsoft Edge Version	Date Released	Based on Chromium Version
116.0.1938.54	8/21/2023	116.0.5845.96/.97

According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L)? What does that mean for this vulnerability?

Exploitation of this vulnerability only discloses limited information, no sensitive information can be obtained.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Exploitation of the vulnerability requires the victim to open the vulnerable app.

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 75%

0.00871

Низкий

3.1 Low

CVSS3

Связанные уязвимости

CVE-2023-38158

CVSS3: 3.1

nvd

больше 2 лет назад

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

GHSA-q4rf-5mrc-hgw8

CVSS3: 3.1

github

больше 2 лет назад

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

BDU:2023-04857

CVSS3: 3.1

fstec

больше 2 лет назад

Уязвимость браузера Microsoft Edge, связанная с раскрытием информации, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 75%

0.00871

Низкий

3.1 Low

CVSS3