Technical Severity
MEDIUMCVSS v3.1 Metrics
6.5
/ 10
Minimal Risk
Critical
Vector Specification
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitation Likelihood
EPSS Prediction
33.58
%
Predictive Probability
Percentile Rank
98.2
th
Documented as more likely to be exploited than 98.2% of known CVEs.
Detection Date
May 25, 2022
Remediation Due
Jun 15, 2022
CISA Catalog Active
Threat Analysis
Microsoft Internet Explorer allows remote attackers to bypass the address space layout randomization (ASLR) protection mechanism via a crafted web site.
Remediation Directive
Apply updates per vendor instructions.