Vulnerability Details : CVE-2018-8463
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8469.
Vulnerability category: Gain privilege
Products affected by CVE-2018-8463
- cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-8463
1.77%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 88 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-8463
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST | |
7.4
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N |
2.8
|
4.0
|
NIST |
References for CVE-2018-8463
-
http://www.securitytracker.com/id/1041623
Microsoft Edge Multiple Bugs Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, Gain Elevated Privileges, and Spoof Content on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8463
CVE-2018-8463 | Microsoft Edge Elevation of Privilege VulnerabilityPatch;Vendor Advisory
-
https://www.exploit-db.com/exploits/45502/
Microsoft Edge - Sandbox EscapeThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/105260
Microsoft Edge CVE-2018-8463 Remote Privilege Escalation VulnerabilityThird Party Advisory;VDB Entry
Jump to