CVE-2017-8530

Опубликовано: 15 июн. 2017

Источник: nvd

CVSS3: 5.4

CVSS2: 5.8

EPSS Низкий

Описание

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge does not properly enforce same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-8523 and CVE-2017-8555.

Ссылки

http://www.securityfocus.com/bid/98863
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038661
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8530
Patch
Vendor Advisory
http://www.securityfocus.com/bid/98863
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038661
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8530
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00529

Низкий

5.4 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-346

Связанные уязвимости

CVE-2017-8530

CVSS3: 5.4

msrc

около 8 лет назад

Microsoft Edge Security Feature Bypass Vulnerability

GHSA-3mf8-rh77-mhqx

CVSS3: 5.4

github

около 3 лет назад

EPSS

Процентиль: 66%

0.00529

Низкий

5.4 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-346