CVE-2017-11797

high

Published 2017-10-13 · Modified 2024-02-16

CVSS v3

7.5

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2

7.6

VIR risk

7.5

Description

ChakraCore RCE Vulnerability

Predictions

Exploit likelihood

83%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secure@microsoft.com — https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11797

Package impact

Ecosystem	Package	Vulnerable	Fixed
NuGet	Microsoft.ChakraCore	`<1.7.3`	`1.7.3`

Application impact

Vendor	Product	Versions	Fixed
microsoft	chakracore	`{"endIncluding":"1.7.2"}`

References

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.