Spoofing Vulnerability in Microsoft Edge on Windows 10 and Windows Server
CVE-2017-8611

6.5MEDIUM

Key Information:

Vendor
Microsoft
Status
Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016
Vendor
CVE Published:
11 July 2017

Summary

A vulnerability in Microsoft Edge allows remote attackers to impersonate legitimate web content by crafting specific websites. This can lead to users being misled into providing sensitive information or interacting with malicious elements without their knowledge. The affected versions include Microsoft Edge on Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Users are advised to update their systems to mitigate the risks associated with this vulnerability.

Affected Version(s)

Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 Microsoft edge

References

http://www.securityfocus.com/bid/99391
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038858
vdb-entryx_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-us/security-guidance...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.