CVE-2018-8357 — Microsoft Internet Explorer 11 vulnerability

4 documents4 sources

Severity

8.3HIGHNVD

EPSS

8.2%

top 7.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer 11 Microsoft Edge Microsoft Internet Explorer

Timeline

PublishedAug 15

Latest updateMay 13

Description

An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsoft Edge.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 1.6 | Impact: 6.0

Affected Packages3 packages

▶NVDmicrosoft/internet_explorer11

▶CVEListV5microsoft/internet_explorer_1111 versions+10

▶CVEListV5microsoft/microsoft_edge11 versions+10

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-wxhw-5m8c-wrm5: An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerabil↗2022-05-13

▶

CVEList

CVE-2018-8357: An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerabil↗2018-08-15

▶

📋Vendor Advisories

Microsoft

Microsoft Browser Elevation of Privilege Vulnerability↗2018-08-14

▶