Lucene search
ChromeCVE-2023-0704HistoryFeb 07, 2023 - 9:15 p.m.
CVE-2023-0704
2023-02-0721:15:09
Chrome
web.nvd.nist.gov
67
cve
2023
0704
insufficient policy enforcement
devtools
google chrome
remote attacker
same origin policy
proxy settings
crafted html page
chromium
security severity
low
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
AI Score
6.3
Confidence
High
EPSS
0.001
Percentile
47.8%
Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass same origin policy and proxy settings via a crafted HTML page. (Chromium security severity: Low)
Affected configurations
Node
googlechromeRange<110.0.5481.77
CNA Affected
[
{
"vendor": "Google",
"product": "Chrome",
"versions": [
{
"version": "unspecified",
"lessThan": "110.0.5481.77",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
CVE-2023-0704
2023-02-07 00:00:00
veracode
veracode
Same-Origin Policy Bypass
2023-03-12 20:34:27
prion
prion
Design/Logic Flaw
2023-02-07 21:15:00
osv
osv
CVE-2023-0704
2023-02-07 21:15:09
chromedriver-110.0.5481.77-1.1 on GA media
2024-06-15 00:00:00
chromium - security update
2023-02-08 00:00:00
debiancve
debiancve
CVE-2023-0704
2023-02-07 21:15:09
ubuntucve
ubuntucve
CVE-2023-0704
2023-02-07 00:00:00
mscve
mscve
Chromium: CVE-2023-0704 Insufficient policy enforcement in DevTools
2023-02-09 20:57:44
nvd
nvd
CVE-2023-0704
2023-02-07 21:15:09
chrome
chrome
Stable Channel Update for Desktop
2023-02-07 00:00:00
nessus
nessus
openSUSE 15 Security Update : opera (openSUSE-SU-2023:0063-1)
2023-03-03 00:00:00
openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0045-1)
2023-02-15 00:00:00
Debian DSA-5345-1 : chromium - security update
2023-02-09 00:00:00
openvas
openvas
debian
debian
[SECURITY] [DSA 5345-1] chromium security update
2023-02-08 19:13:01
freebsd
freebsd
chromium -- multiple vulnerabilities
2023-02-07 00:00:00
kaspersky
kaspersky
KLA20220 Multiple vulnerabilities in Google Chrome
2023-02-07 00:00:00
KLA40222 Multiple vulnerabilities in Opera
2023-02-22 00:00:00
KLA20224 Multiple vulnerabilities in Microsoft Browser
2023-02-09 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: chromium-110.0.5481.77-1.fc36
2023-02-13 01:26:42
ubuntu
ubuntu
Chromium vulnerabilities
2023-02-21 00:00:00
altlinux
altlinux
gentoo
gentoo
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2023-09-30 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
AI Score
6.3
Confidence
High
EPSS
0.001
Percentile
47.8%
Related for CVE-2023-0704