CVE-2021-42308

LOW
Published Nov 24, 20214y ago · Modified Jun 17, 20262w ago
3.1 CVSS 3.1
Low
Find Similar
Published Nov 24, 2021 4y ago
Last Modified Jun 17, 2026 2w ago

Description

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVSS Details

Base Score
3.1
Exploitability
1.6
Impact
1.4
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality None
Integrity Low
Availability None

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-290

Affected Products 1

VendorProductVersionRange
microsoftedge_chromium* <96.0.1054.29

References 1

  • portal.msrc.microsoft.com https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42308
    PatchVendor Advisory

Remediation

  • portal.msrc.microsoft.com https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42308
    PatchVendor Advisory