Vulnerability Details CVE-2017-11872
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to force the browser to send data that would otherwise be restricted to a destination website of the attacker's choice, due to how Microsoft Edge handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability". This CVE ID is unique from CVE-2017-11863 and CVE-2017-11874.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.244
EPSS Ranking 95.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/101749
- http://www.securitytracker.com/id/1039801
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11872
- http://www.securityfocus.com/bid/101749
- http://www.securitytracker.com/id/1039801
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11872
Products affected by CVE-2017-11872
-
cpe:2.3:a:microsoft:edge:-
-
cpe:2.3:a:microsoft:edge:107.0.1418.62
-
cpe:2.3:a:microsoft:edge:108.0.1462.42
-
cpe:2.3:a:microsoft:edge:112.0.1722.34
-
cpe:2.3:a:microsoft:edge:114.0.1823.82
-
cpe:2.3:a:microsoft:edge:116.0.1938.98
-
cpe:2.3:a:microsoft:edge:117.0.2045.47
-
cpe:2.3:a:microsoft:edge:118.0.2088.88
-
cpe:2.3:a:microsoft:edge:122.0.2365.63
-
cpe:2.3:a:microsoft:edge:122.0.2365.92
-
cpe:2.3:a:microsoft:edge:123.0.2420.53
-
cpe:2.3:a:microsoft:edge:124.0.2478.105
-
cpe:2.3:a:microsoft:edge:124.0.2478.109
-
cpe:2.3:a:microsoft:edge:124.0.2478.121
-
cpe:2.3:a:microsoft:edge:124.0.2478.127
-
cpe:2.3:a:microsoft:edge:124.0.2478.131
-
cpe:2.3:a:microsoft:edge:124.0.2478.51
-
cpe:2.3:a:microsoft:edge:124.0.2478.67
-
cpe:2.3:a:microsoft:edge:124.0.2478.80
-
cpe:2.3:a:microsoft:edge:124.0.2478.97
-
cpe:2.3:a:microsoft:edge:125.0.2535.51
-
cpe:2.3:a:microsoft:edge:125.0.2535.67
-
cpe:2.3:a:microsoft:edge:125.0.2535.79
-
cpe:2.3:a:microsoft:edge:125.0.2535.85
-
cpe:2.3:a:microsoft:edge:125.0.2535.92
-
cpe:2.3:a:microsoft:edge:126.0.2592.102
-
cpe:2.3:a:microsoft:edge:126.0.2592.113
-
cpe:2.3:a:microsoft:edge:126.0.2592.56
-
cpe:2.3:a:microsoft:edge:126.0.2592.61
-
cpe:2.3:a:microsoft:edge:126.0.2592.68
-
cpe:2.3:a:microsoft:edge:126.0.2592.81
-
cpe:2.3:a:microsoft:edge:126.0.2592.87
-
cpe:2.3:a:microsoft:edge:127.0.2651.74
-
cpe:2.3:a:microsoft:edge:79.0.309.68
-
cpe:2.3:a:microsoft:edge:80.0.361.109
-
cpe:2.3:a:microsoft:edge:80.0.361.111
-
cpe:2.3:a:microsoft:edge:80.0.361.48
-
cpe:2.3:a:microsoft:edge:80.0.361.50
-
cpe:2.3:a:microsoft:edge:80.0.361.54
-
cpe:2.3:a:microsoft:edge:80.0.361.56
-
cpe:2.3:a:microsoft:edge:80.0.361.57
-
cpe:2.3:a:microsoft:edge:80.0.361.62
-
cpe:2.3:a:microsoft:edge:80.0.361.66
-
cpe:2.3:a:microsoft:edge:80.0.361.69
-
cpe:2.3:a:microsoft:edge:81.0.416.53
-
cpe:2.3:a:microsoft:edge:81.0.416.58
-
cpe:2.3:a:microsoft:edge:81.0.416.64
-
cpe:2.3:a:microsoft:edge:81.0.416.68
-
cpe:2.3:a:microsoft:edge:81.0.416.72
-
cpe:2.3:a:microsoft:edge:81.0.416.77
-
cpe:2.3:a:microsoft:edge:83.0.478.37
-
cpe:2.3:a:microsoft:edge:83.0.478.44
-
cpe:2.3:a:microsoft:edge:83.0.478.45
-
cpe:2.3:a:microsoft:edge:83.0.478.50
-
cpe:2.3:a:microsoft:edge:83.0.478.54
-
cpe:2.3:a:microsoft:edge:83.0.478.56
-
cpe:2.3:a:microsoft:edge:83.0.478.58
-
cpe:2.3:a:microsoft:edge:83.0.478.61
-
cpe:2.3:a:microsoft:edge:83.0.478.64
-
cpe:2.3:a:microsoft:edge:84.0.522.40
-
cpe:2.3:a:microsoft:edge:84.0.522.44
-
cpe:2.3:a:microsoft:edge:84.0.522.48
-
cpe:2.3:a:microsoft:edge:84.0.522.49
-
cpe:2.3:a:microsoft:edge:84.0.522.50
-
cpe:2.3:a:microsoft:edge:84.0.522.52
-
cpe:2.3:a:microsoft:edge:84.0.522.58
-
cpe:2.3:a:microsoft:edge:84.0.522.59
-
cpe:2.3:a:microsoft:edge:84.0.522.61
-
cpe:2.3:a:microsoft:edge:84.0.522.63
-
cpe:2.3:a:microsoft:edge:85.0.564.41
-
cpe:2.3:a:microsoft:edge:85.0.564.44
-
cpe:2.3:a:microsoft:edge:85.0.564.51
-
cpe:2.3:a:microsoft:edge:85.0.564.63
-
cpe:2.3:a:microsoft:edge:85.0.564.68
-
cpe:2.3:a:microsoft:edge:85.0.564.70
-
cpe:2.3:a:microsoft:edge:86.0.622.38
-
cpe:2.3:a:microsoft:edge:86.0.622.43
-
cpe:2.3:a:microsoft:edge:86.0.622.48
-
cpe:2.3:a:microsoft:edge:86.0.622.51
-
cpe:2.3:a:microsoft:edge:86.0.622.56
-
cpe:2.3:a:microsoft:edge:86.0.622.58
-
cpe:2.3:a:microsoft:edge:86.0.622.61
-
cpe:2.3:a:microsoft:edge:86.0.622.63
-
cpe:2.3:a:microsoft:edge:86.0.622.68
-
cpe:2.3:a:microsoft:edge:86.0.622.69
-
cpe:2.3:a:microsoft:edge:87.0.664.41
-
cpe:2.3:a:microsoft:edge:87.0.664.47
-
cpe:2.3:a:microsoft:edge:88.0.705.50
-
cpe:2.3:a:microsoft:edge:88.0.705.62
-
cpe:2.3:a:microsoft:edge:88.0.705.63
-
cpe:2.3:a:microsoft:edge:88.0.705.74
-
cpe:2.3:a:microsoft:edge:93.0.961.38
-
cpe:2.3:a:microsoft:edge:93.0.961.44
-
cpe:2.3:a:microsoft:edge:97.0.4692.99
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1703
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4467
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4530
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4583
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4825
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4886
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4946
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5066
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5125
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5192
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5246
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5291
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5356
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5427
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5501
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5582
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5648
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5717
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5786
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5850
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6351
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6452
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6614
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6796
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6897
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6981
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7070
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7159
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7259
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7336
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7428
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7515
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7606
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7699
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7785
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7876
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7969
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.8066
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.8148
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.8246
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.8330
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.8416
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.8422
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.8519
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.8524
-
cpe:2.3:o:microsoft:windows_server_2016:1709
-
cpe:2.3:o:microsoft:windows_server_2016:1803
-
cpe:2.3:o:microsoft:windows_server_2016:1903
-
cpe:2.3:o:microsoft:windows_server_2016:1909
-
cpe:2.3:o:microsoft:windows_server_2016:2004
-
cpe:2.3:o:microsoft:windows_server_2016:20h2