6.5
CVE-2025-26685
- EPSS 1.69%
- Veröffentlicht 13.05.2025 16:58:55
- Zuletzt bearbeitet 19.05.2025 18:22:04
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
LoginMicrosoft Defender for Identity Spoofing Vulnerability
Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Defender For Identity Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.69% | 0.823 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.