Microsoft Edge (Chromium) < 92.0.902.55 Multiple Vulnerabilities

critical Nessus Plugin ID 152004

Synopsis

The remote host has an web browser installed that is affected by multiple vulnerabilities.

Description

The version of Microsoft Edge installed on the remote Windows host is prior to 92.0.902.55. It is, therefore, affected by multiple vulnerabilities as referenced in the July 22, 2021 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Microsoft Edge version 92.0.902.55 or later.

See Also

http://www.nessus.org/u?dc471fea

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30565

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30566

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30567

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30568

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30569

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30571

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30572

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30573

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30574

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30575

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30576

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30577

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30578

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30579

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30580

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30581

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30582

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30583

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30584

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30585

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30586

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30587

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30588

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30589

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36928

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36929

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36931

Plugin Details

Severity: Critical

ID: 152004

File Name: microsoft_edge_chromium_92_0_902_55.nasl

Version: 1.8

Type: local

Agent: windows

Family: Windows

Published: 7/22/2021

Updated: 12/7/2023

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2021-30588

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2021-30571

Vulnerability Information

CPE: cpe:/a:microsoft:edge

Required KB Items: SMB/Registry/Enumerated, installed_sw/Microsoft Edge (Chromium)

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/22/2021

Vulnerability Publication Date: 7/20/2021

Reference Information

CVE: CVE-2021-30565, CVE-2021-30566, CVE-2021-30567, CVE-2021-30568, CVE-2021-30569, CVE-2021-30571, CVE-2021-30572, CVE-2021-30573, CVE-2021-30574, CVE-2021-30575, CVE-2021-30576, CVE-2021-30577, CVE-2021-30578, CVE-2021-30579, CVE-2021-30580, CVE-2021-30581, CVE-2021-30582, CVE-2021-30583, CVE-2021-30584, CVE-2021-30585, CVE-2021-30586, CVE-2021-30587, CVE-2021-30588, CVE-2021-30589

IAVA: 2021-A-0346-S