Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mscveMicrosoftMS:CVE-2024-43487
HistorySep 10, 2024 - 7:00 a.m.

Windows Mark of the Web Security Feature Bypass Vulnerability

2024-09-1007:00:00
Microsoft
msrc.microsoft.com
3
windows
mark of the web
security
feature bypass
vulnerability
microsoft

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

39.8%

JSON

Affected configurations

Vulners
Node
microsoftwindows_server_2012Range<6.3.9600.22175r2
OR
microsoftwindows_server_2012Range<6.3.9600.22175r2
OR
microsoftwindows_server_2012Range<6.2.9200.25073
OR
microsoftwindows_server_2012Range<6.2.9200.25073
OR
microsoftwindows_server_2016Range<10.0.14393.7336
OR
microsoftwindows_server_2016Range<10.0.14393.7336
OR
microsoftwindows_10_1607Range<10.0.14393.7336
OR
microsoftwindows_10_1607Range<10.0.14393.7336
OR
microsoftwindows_10_1507Range<10.0.10240.20766
OR
microsoftwindows_10_1507Range<10.0.10240.20766
OR
microsoftwindows_10_22h2Range<10.0.19045.4894
OR
microsoftwindows_10_22h2Range<10.0.19045.4894
OR
microsoftwindows_10_22h2Range<10.0.19045.4894
OR
microsoftwindows_10_21h2Range<10.0.19044.4894
OR
microsoftwindows_10_21h2Range<10.0.19044.4894
OR
microsoftwindows_10_21h2Range<10.0.19044.4894
OR
microsoftwindows_server_2019Range<10.0.17763.6293
OR
microsoftwindows_server_2019Range<10.0.17763.6293
OR
microsoftwindows_10_1809Range<10.0.17763.6293
OR
microsoftwindows_10_1809Range<10.0.17763.6293
OR
microsoftwindows_10_1809Range<10.0.17763.6293
VendorProductVersionCPE
microsoftwindows_server_2012*cpe:2.3:o:microsoft:windows_server_2012:*:r2:*:*:*:*:*:*
microsoftwindows_server_2012*cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
microsoftwindows_server_2016*cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
microsoftwindows_10_1607*cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*
microsoftwindows_10_1507*cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*
microsoftwindows_10_22h2*cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
microsoftwindows_10_21h2*cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
microsoftwindows_server_2019*cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
microsoftwindows_10_1809*cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*

Related

nvd 1
vulnrichment 1
cve 1
cvelist 1
nessus 6
mskb 6
kaspersky 2
openvas 4
qualysblog 1
rapid7blog 1
nvd
nvd
CVE-2024-43487
2024-09-10 17:15:36
vulnrichment
vulnrichment
CVE-2024-43487 Windows Mark of the Web Security Feature Bypass Vulnerability
2024-09-10 16:54:19
cve
cve
CVE-2024-43487
2024-09-10 17:15:36
cvelist
cvelist
CVE-2024-43487 Windows Mark of the Web Security Feature Bypass Vulnerability
2024-09-10 16:54:19
nessus
nessus
KB5043125: Windows Server 2012 Security Update (September 2024)
2024-09-10 00:00:00
KB5043138: Windows Server 2012 R2 Security Update (September 2024)
2024-09-10 00:00:00
KB5043083: Windows 10 LTS 1507 Security Update (September 2024)
2024-09-10 00:00:00
mskb
mskb
September 10, 2024—KB5043125 (Monthly Rollup)
2024-09-10 07:00:00
September 10, 2024—KB5043138 (Monthly Rollup)
2024-09-10 07:00:00
September 10, 2024—KB5043083 (OS Build 10240.20766)
2024-09-10 07:00:00
kaspersky
kaspersky
KLA73222 Multiple vulnerabilities in Microsoft Products (ESU)
2024-09-10 00:00:00
KLA73227 Multiple vulnerabilities in Microsoft Windows
2024-09-10 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5043083)
2024-09-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5043064)
2024-09-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5043051)
2024-09-11 00:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, September 2024 Security Update Review
2024-09-10 19:31:38
rapid7blog
rapid7blog
Patch Tuesday - September 2024
2024-09-10 20:49:21

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

39.8%

JSON
Related for MS:CVE-2024-43487
nvd1vulnrichment1cve1cvelist1nessus6mskb6kaspersky2openvas4qualysblog1rapid7blog1