4.7

CVE-2024-26247

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftEdge Version < 123.0.2420.53
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.57% 0.675
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secure@microsoft.com 4.7 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.