CVE-2017-0233 - An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to esc

CVE-2017-0233

Summary

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0241.

References

http://www.securityfocus.com/bid/98179
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0233

Vulnerable Configurations

cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*

CVSS

Base:	5.1 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:H/Au:N/C:P/I:P/A:P

refmap via4

bid	98179
confirm	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0233

Last major update

03-10-2019 - 00:03

Published

12-05-2017 - 14:29

Last modified

03-10-2019 - 00:03