CVE-2017-1000461 Information

Description

Brave Software’s Brave Browser version 0.19.73 (and earlier) is vulnerable to an incorrect access control issue in the \JS fingerprinting blocking\ component resulting in a malicious website being able to access the fingerprinting-associated browser functionality (that the browser intends to block).

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

Reference

https://github.com/brave/browser-laptop/issues/11683issuecomment-339835601

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

NONE

Base Score

NONE

Base Severity

4.7