CVE-2018-8567

EUVD-2018-20184
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
Affected Products (NVD)
VendorProductVersion
microsoftedge
-
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
1709 (arm64, x64, x86)
KB4467686
1803 (arm64, x64, x86)
KB4467702
1809 (arm64, x64, x86)
KB4467708
Windows Server 2019
Standard
KB4467708
References
http://www.securityfocus.com/bid/105784
http://www.securitytracker.com/id/1042107
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8567
http://www.securityfocus.com/bid/105784
http://www.securitytracker.com/id/1042107
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8567