CVE-2018-8469

Опубликовано: 13 сент. 2018

Источник: nvd

CVSS3: 7.4

CVSS2: 4.3

EPSS Средний

Описание

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8463.

Ссылки

http://www.securityfocus.com/bid/105263
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041623
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8469
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/45502/
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/105263
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041623
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8469
Patch
Vendor Advisory
https://www.exploit-db.com/exploits/45502/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.17641

Средний

7.4 High

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2018-8469

CVSS3: 4.3

msrc

больше 7 лет назад

Microsoft Edge Elevation of Privilege Vulnerability

GHSA-mc88-f3m4-3m3h