vulnerability

Microsoft Windows: CVE-2017-8504: Microsoft Edge Information Disclosure Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:P/I:N/A:N)	Jun 13, 2017	Jun 13, 2017	Aug 7, 2024

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Jun 13, 2017

Added

Jun 13, 2017

Modified

Aug 7, 2024

Description

Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read the URL of a cross-origin request when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8498.

Solution(s)

microsoft-windows-windows_10-1607-kb4022715microsoft-windows-windows_10-1703-kb4022725microsoft-windows-windows_server_2016-1607-kb4022715

References

BID-98892
CVE-2017-8504
https://attackerkb.com/topics/CVE-2017-8504
URL-https://support.microsoft.com/help/4022715
URL-https://support.microsoft.com/help/4022725

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today