CVE-2019-1299

EPSS 26.46%
Veröffentlicht 11.09.2019 22:15:18
Zuletzt bearbeitet 21.11.2024 04:36:25
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Edge Version-

   Microsoft ≫ Windows 10 Version1809
   Microsoft ≫ Windows 10 Version1903
   Microsoft ≫ Windows Server 2019 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	26.46%	0.958

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-665 Improper Initialization

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1299

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-1299

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-1299

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-1299

EUVD