CVE-2017-0241
Last modified
CVE-2017-0241 is a vulnerability of currently unknown severity. An elevation of privilege vulnerability exists when Microsoft Edge renders a domain-less page in the URL, which could allow Microsoft Edge to perform actions in the context of the Intranet Zone and access functionality that is not typically available to the browser when browsing in the context of the Internet Zone, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0233.. EPSS estimates a 2.87% chance of exploitation in the next 30 days.
Description
An elevation of privilege vulnerability exists when Microsoft Edge renders a domain-less page in the URL, which could allow Microsoft Edge to perform actions in the context of the Intranet Zone and access functionality that is not typically available to the browser when browsing in the context of the Internet Zone, aka "Microsoft Edge Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-0233.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Edge | All versions |
References
- http://www.securityfocus.com/bid/98208Third Party Advisory, VDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0241Patch, Vendor Advisory
- http://www.securityfocus.com/bid/98208Third Party Advisory, VDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0241Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-0241?
How severe is CVE-2017-0241?
How do I fix CVE-2017-0241?
Are you affected by CVE-2017-0241?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST