Think you have a false positive on this rule?

Sid 1-47761

Message

BROWSER-IE Microsoft Internet Explorer iframe open redirect attempt

Summary

This event is generated when an attacker attempts to disclose information via an open redirect in an iframe.

Impact

Attempted Information Leak

CVE-2018-8470:

CVSS base score 6.1

CVSS impact score 2.7

CVSS exploitability score 2.8

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Detailed information

CVE-2018-8470: A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11.

Affected systems

  • microsoft internet_explorer 11

Ease of attack

CVE-2018-8470:

Access Vector

Access Complexity

Authentication

False positives

False negatives

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8470