Think you have a false positive on this rule?

Sid 1-48388

Message

BROWSER-IE Microsoft Edge information disclosure attempt

Summary

This event is generated when an information disclosure attempt is detected in Microsoft Edge.

Impact

Attempted User Privilege Gain

CVE-2018-8545:

CVSS base score 4.3

CVSS impact score 1.4

CVSS exploitability score 2.8

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Detailed information

CVE-2018-8545: An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

Affected systems

  • microsoft edge -

Ease of attack

CVE-2018-8545:

Access Vector

Access Complexity

Authentication

False positives

False negatives

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8545