CVE-2023-38174

Опубликовано: 14 дек. 2023

Источник: msrc

CVSS3: 4.3

EPSS Низкий

Описание

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

FAQ

According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L)? What does that mean for this vulnerability?

Exploitation of this vulnerability only discloses limited information, no sensitive information can be obtained.

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.

What is the version information for this release?

Microsoft Edge Version	Date Released	Based on Chromium Version
120.0.2210.61	12/7/2023	120.0.6099.62/.63

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 63%

0.00448

Низкий

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2023-38174

CVSS3: 4.3

nvd

около 2 лет назад

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

GHSA-68mg-jchw-j7f7

CVSS3: 4.3

github

около 2 лет назад

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

BDU:2023-08543

CVSS3: 4.3

fstec

около 2 лет назад

Уязвимость браузера Microsoft Edge, связанная с недостаточной проверкой входных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 63%

0.00448

Низкий

4.3 Medium

CVSS3