Skip to main content

Edge CVE-2024-26246

LOW
Insufficient Granularity of Access Control (CWE-1220)
2024-03-14 secure@microsoft.com
3.9
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.9 LOW
AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Mar 14, 2024 - 23:15 nvd
LOW 3.9

DescriptionNVD

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

AnalysisAI

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-1220. Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Affected products include: Microsoft Edge.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Edge

View all
CVE-2017-0070 HIGH POC
7.5 Mar 17

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling object

CVE-2016-7286 HIGH POC
7.5 Dec 20

The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (m

CVE-2017-8636 HIGH POC
7.5 Aug 08

Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Serve

CVE-2017-8671 HIGH POC
7.5 Aug 08

Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary

CVE-2017-8656 HIGH POC
7.5 Aug 08

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code

CVE-2017-8646 HIGH POC
7.5 Aug 08

Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t

CVE-2017-8645 HIGH POC
7.5 Aug 08

Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t

CVE-2017-8640 HIGH POC
7.5 Aug 08

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary cod

CVE-2017-8601 HIGH POC
7.5 Jul 11

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute

CVE-2017-11870 HIGH POC
7.5 Nov 15

ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the

CVE-2017-11841 HIGH POC
7.5 Nov 15

ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, versio

CVE-2017-11840 HIGH POC
7.5 Nov 15

ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, versio

Share

CVE-2024-26246 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy