CVE-2020-15959
Description
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.883
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2020-6573,CVE-2020-6574,CVE-2020-6575,CVE-2020-6576,CVE-2020-15959 are fixed in Google Chrome (x64) (85.0.4183.102) | Windows |
| Vulnerabilities CVE-2020-6573,CVE-2020-6574,CVE-2020-6575,CVE-2020-6576,CVE-2020-15959 are fixed in Google Chrome (85.0.4183.102) | Windows |
| Vulnerabilities CVE-2020-6574, CVE-2020-6575, CVE-2020-6576, CVE-2020-15959 are fixed in Microsoft Edge for chromium business (x64) (85.0.564.51) | Windows |
| Vulnerabilities CVE-2020-6574, CVE-2020-6575, CVE-2020-6576, CVE-2020-15959 are fixed in Microsoft Edge for chromium business (85.0.564.51) | Windows |
| Vulnerabilities CVE-2020-15959,CVE-2020-6573,CVE-2020-6575,CVE-2020-6576 are affected in Google Chrome (x64) 85.0.4183.101(x64) | Windows |
| Vulnerabilities CVE-2020-6573,CVE-2020-6574,CVE-2020-6575,CVE-2020-6576,CVE-2020-15959 are fixed in Google Chrome For Mac (85.0.4183.102) | Mac |
| chromium security update(DSA-4824-1) chromium_87.0.4280.88-0.4~deb10u1_i386.deb | Linux |
| chromium security update(DSA-4824-1) chromium_87.0.4280.88-0.4~deb10u1_amd64.deb | Linux |
| Vulnerabilities CVE-2020-6573,CVE-2020-6574,CVE-2020-6575,CVE-2020-6576,CVE-2020-15959 are fixed in Google Chrome (85.0.4183.102) (For Debian) | Linux |
| Vulnerabilities CVE-2020-6573,CVE-2020-6574,CVE-2020-6575,CVE-2020-6576,CVE-2020-15959 are fixed in Google Chrome (85.0.4183.102) (For Centos) | Linux |
| Vulnerabilities CVE-2020-6573,CVE-2020-6574,CVE-2020-6575,CVE-2020-6576,CVE-2020-15959 are fixed in Google Chrome (85.0.4183.102) (For RedHat) | Linux |
| Vulnerabilities CVE-2020-6573,CVE-2020-6574,CVE-2020-6575,CVE-2020-6576,CVE-2020-15959 are fixed in Google Chrome (85.0.4183.102) (For Suse) | Linux |
| Vulnerabilities CVE-2020-6573,CVE-2020-6574,CVE-2020-6575,CVE-2020-6576,CVE-2020-15959 are fixed in Google Chrome (85.0.4183.102) (For Ubuntu) | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-315894 | Google Chrome (x64) (85.0.4183.102) |
| PATCH-315893 | Google Chrome (85.0.4183.102) |
| PATCH-109332 | Microsoft Edge for chromium business (99.0.1150.30) (x64) |
| PATCH-109333 | Microsoft Edge for chromium business (99.0.1150.30) (x86) |
| PATCH-343228 | Google Chrome (x64) (131.0.6778.85, 131.0.6778.86) |
| PATCH-609673 | Google Chrome for Mac (132.0.6834.83, 132.0.6834.84) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234