Original Issue Date: May 04, 2022
Severity Rating: MEDIUM
Software Affected
Microsoft Edge versions prior to 101.0.1210.32
Overview
Multiple vulnerabilities have been reported in Microsoft Edge server which could be exploited by an attacker to gain elevated privileges on the targeted system.
Description
This vulnerability exists in Microsoft Edge server due to Inappropriate implementation in iframe, Web Authentication, HTML Parser, Extensions API & WebGL; Insufficient data validation in Dev Tools, Trusted Types & Blink Editing; Incorrect security UI in Downloads; Use after free in Dev Tools, Bookmarks, Browser Switcher, Ozone, File System API, Sharing, Device API, ANGLE, Swift Shader & Vulkan; Heap buffer overflow in Web UI Settings & Web GPU and Type Confusion in V8.
Successful exploitation of this vulnerability could allow the attacker to gain elevated privileges on the targeted system.
Solution
Apply appropriate updates as mentioned in: