Microsoft Edge (Chromium) < 116.0.1938.81 (CVE-2023-4863)

high Nessus Plugin ID 181314

Language:

Version 1.11 Aug 28, 2024, 7:43 PM CVE (set "CVE" coverage to "CVE-2023-4863") CVSS metrics ("CVSSv2 score" set to 10.0) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C") CVSS metrics ("CVSSv3 score" set to 8.8) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") CVSSv2 score source (changed from "CVE-2024-38156" to "CVE-2023-4863") CVSSv2 severity (based on CVE-2023-4863, severity increased from "Medium" to "High") CVSSv3 severity (based on CVE-2023-4863, severity increased from "Medium" to "High") Detection (updated detection logic) Exploit attributes ("Exploit available" changed from "False" to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Exploit attributes ("Exploited by malware" changed from none to "True") Plugin metadata Plugin Feed: 202408281943
Version 1.10 Aug 2, 2024, 12:20 PM IAVM reference Plugin Feed: 202408021220
Version 1.9 Jul 19, 2024, 12:17 PM IAVM reference CVSS metrics ("CVSSv2 score" set to 4.3. "CVSSv3 score" set to 6.1. "CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N". "CVSSv2 vector" set to "CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N". "CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N". "CVSSv2 score" set to 6.4) Detection (updated detection logic) Plugin metadata Plugin Feed: 202407191217
Version 1.6 Jul 18, 2024, 2:18 AM CVE (set "CVE" coverage to "CVE-2024-38156") CVSS metrics ("CVSSv2 score" set to 5.0) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N") CVSS metrics ("CVSSv3 score" set to 4.3) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C") CVSSv2 score source (changed from "CVE-2023-4863" to "CVE-2024-38156") CVSSv2 severity (based on CVE-2024-38156, severity decreased from "High" to "Medium") CVSSv3 severity (based on None, severity decreased from "High" to "Medium") Detection (updated detection logic) Exploit attributes ("Exploit available" changed from "True" to "False") Exploit attributes ("Exploitability ease" changed from "Exploits are available" to "No known exploits are available") Exploit attributes ("Exploited by malware" changed from "True" to none) Plugin metadata Plugin Feed: 202407180218
Version 1.5 Oct 6, 2023, 10:25 AM IAVM reference Plugin Feed: 202310061025
Version 1.4 Oct 2, 2023, 2:13 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202310021413
Version 1.3 Sep 22, 2023, 7:59 AM STIG Severity (set to "I") IAVM reference Plugin Feed: 202309220759
Version 1.2 Sep 21, 2023, 2:27 PM CVSS metrics ("CVSSv2 score" changed from 6.8 to 10.0. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C") CVSSv2 severity (based on CVE-2023-4863, severity increased from "Medium" to "High") Plugin Feed: 202309211427
Version 1.1 Sep 13, 2023, 6:07 PM Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") CISA reference Plugin Feed: 202309131807
Version 1.0 Sep 13, 2023, 2:10 AM New Plugin Feed: 202309130210

* Changelogs are generally available for changes made after Nov 1, 2022