CVE-2021-31937Improper Privilege Management in Microsoft Edge

CWE-269Improper Privilege Management4 documents4 sources
Severity
8.2HIGHNVD
EPSS
1.3%
top 20.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft EdgeMicrosoft Edge Chromium
Timeline
PublishedJun 28

Description

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:NExploitability: 2.8 | Impact: 4.7

Affected Packages2 packages

NVDmicrosoft/edge_chromium< 91.0.864.37
CVEListV5microsoft/microsoft_edge1.0.091.0.864.37

Patches

Patch: msrc.microsoft.comPatch: msrc.microsoft.com

🔴Vulnerability Details

2
CVEList
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability2023-06-28
GHSA
GHSA-2vvp-rqvq-vxv2: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability2023-06-28

📋Vendor Advisories

1
Microsoft
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability2021-05-11
CVE-2021-31937 — Improper Privilege Management | cvebase