{"@odata.context":"https://api.msrc.microsoft.com/sug/v2.0/sugodata/v2.0/en-US/$metadata#vulnerability/$entity","id":"00000000-0000-0000-0000-00000a1015a5","releaseDate":"2021-05-27T07:00:00Z","cveNumber":"CVE-2021-31982","cveTitle":"Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability","releaseNumber":"2021-May","vulnType":"Security Vulnerability","latestRevisionDate":"2023-08-01T07:00:00Z","cweList":[],"cweDetailsListForSearch":[],"mitreText":"CVE-2021-31982","mitreUrl":"https://www.cve.org/CVERecord?id=CVE-2021-31982","publiclyDisclosed":"No","exploited":"No","latestSoftwareReleaseId":2,"latestSoftwareRelease":"Exploitation Less Likely","olderSoftwareReleaseId":2,"olderSoftwareRelease":"Exploitation Less Likely","denialOfService":"N/A","tag":"Microsoft Edge (Chromium-based)","issuingCna":"Microsoft","issuingCnaId":0,"severityId":100000001,"severity":"Important","impactId":100000007,"impact":"Security Feature Bypass","langCode":"en-US","baseScore":"8.8","temporalScore":"7.7","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","vectorStringSource":"Microsoft","isMariner":false,"customerActionRequired":true,"customerActionRequiredId":0,"cweDetailsList":[],"articles":[{"articleType":"FAQ","description":"<p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H), and (A:H). What does that mean for this vulnerability?</strong></p>\n<p>Successful exploitation of this vulnerability could lead to a full compromise of the browser.</p>\n","ordinal":10000},{"articleType":"FAQ","description":"<p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p>\n<p>This vulnerability requires that a user have multiple browser instances open of the affected version of Microsoft Edge (Chromium-based), one of which is a specially crafted website hosted by the attacker. The user would need to access the URL of the malicious website and then click a popup displayed on that site.</p>\n","ordinal":10000}],"revisions":[{"cveNumber":"CVE-2021-31982","version":1,"revisionDate":"2021-05-27T07:00:00Z","initialDate":"0001-01-01T00:00:00Z","description":"<p>Information published.</p>\n","unformattedDescription":"Information published.","notificationNeeded":false,"notificationSent":false,"sourceId":"d8e8a2ce-55b7-eb11-a837-000d3a6d35d9"},{"cveNumber":"CVE-2021-31982","version":1.1,"revisionDate":"2023-08-01T07:00:00Z","initialDate":"0001-01-01T00:00:00Z","description":"<p>Updated one or more CVSS scores for the affected products. This is an informational change only.</p>\n","unformattedDescription":"Updated one or more CVSS scores for the affected products. This is an informational change only.","notificationNeeded":false,"notificationSent":false,"sourceId":"ca97e524-3c30-ee11-9336-000d3ac5fb71"}]}