CVE-2024-38093

Опубликовано: 20 июн. 2024

Источник: msrc

CVSS3: 4.3

EPSS Низкий

Описание

Microsoft Edge (Chromium-based) Spoofing Vulnerability

FAQ

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.

Microsoft Edge Channel	Microsoft Edge Version	Date Released	Based on Chromium Version
Stable	126.0.2592.68	6/20/2024	126.0.6478.114/115

According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could cover and spoof elements of the UI. The modified information is only visual.

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

EPSS

Процентиль: 65%

0.00502

Низкий

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2024-38093

CVSS3: 4.3

nvd

больше 1 года назад

Microsoft Edge (Chromium-based) Spoofing Vulnerability

GHSA-vhhg-73hp-mrc2

CVSS3: 4.3

github

больше 1 года назад

Microsoft Edge (Chromium-based) Spoofing Vulnerability

BDU:2024-04825

CVSS3: 4.3

fstec

больше 1 года назад

Уязвимость браузера Microsoft Edge, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю проводить спуфинг атаки

EPSS

Процентиль: 65%

0.00502

Низкий

4.3 Medium

CVSS3