Vulnerabilities > CVE-2020-0663 - Unspecified vulnerability in Microsoft Edge

CVSS 4.2 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

high complexity

microsoft

NVD

Published: 2020-02-11

Updated: 2021-07-21

Summary

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Edge -	1
OS	Microsoft Microsoft Windows 10 1803 Microsoft Windows 10 1809 Microsoft Windows 10 1903 Microsoft Windows 10 1909 Microsoft Windows Server 2019 -	5

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0663