vulnerability

Microsoft Windows: CVE-2017-8498: Microsoft Edge Information Disclosure Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:P/I:N/A:N)	Jun 13, 2017	Jun 13, 2017	Sep 5, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Jun 13, 2017

Added

Jun 13, 2017

Modified

Sep 5, 2025

Description

Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read data not intended to be disclosed when Edge allows JavaScript XML DOM objects to detect installed browser extensions, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8504.

Solutions

microsoft-windows-windows_10-1607-kb4022715microsoft-windows-windows_10-1703-kb4022725microsoft-windows-windows_server_2016-1607-kb4022715

References

BID-98886
CVE-2017-8498
https://attackerkb.com/topics/CVE-2017-8498
CWE-200
URL-https://support.microsoft.com/help/4022715
URL-https://support.microsoft.com/help/4022725

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today