The version of Microsoft Edge installed on the remote Windows host is prior to 114.0.1901.183 / 115.0.1901.183. It is, therefore, affected by multiple vulnerabilities as referenced in the July 21, 2023 advisory.
– Microsoft Edge (Chromium-based) Spoofing Vulnerability (CVE-2023-35392)
– Microsoft Edge for Android Spoofing Vulnerability (CVE-2023-38173)
– Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability (CVE-2023-38187)
– Use after free in WebRTC. (CVE-2023-3727, CVE-2023-3728)
– Use after free in Tab Groups. (CVE-2023-3730)
– Out of bounds memory access in Mojo. (CVE-2023-3732)
– Inappropriate implementation in WebApp Installs. (CVE-2023-3733)
– Inappropriate implementation in Picture In Picture. (CVE-2023-3734)
– Inappropriate implementation in Web API Permission Prompts. (CVE-2023-3735)
– Inappropriate implementation in Custom Tabs. (CVE-2023-3736)
– Inappropriate implementation in Notifications. (CVE-2023-3737)
– Inappropriate implementation in Autofill. (CVE-2023-3738)
– Insufficient validation of untrusted input in Themes. (CVE-2023-3740)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.Read More