CVE Vulnerability

CVE-2018-0803

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access information from one domain and inject it into another domain, due to how Microsoft Edge enforces cross-domain policies, aka "Microsoft Edge Elevation of Privilege Vulnerability".

5.8 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 4.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

Scope

4.2 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0803 Patch Vendor Advisory
http://www.securitytracker.com/id/1040100 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/102384 Third Party Advisory VDB Entry
Configurations

Configuration 1
Information

Published : 2018-01-04 02:29

Updated : 2020-08-24 05:37

NVD link : CVE-2018-0803

Mitre link : CVE-2018-0803

Products Affected
No products.
CWE
CWE-863