4.8
CVE-2025-59501
- EPSS 0.09%
- Veröffentlicht 31.10.2025 16:45:40
- Zuletzt bearbeitet 05.11.2025 18:17:55
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft Configuration Manager Spoofing Vulnerability
Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Configuration Manager 2403 Version < 5.00.9128.1037
Microsoft ≫ Configuration Manager 2409 Version < 5.00.9132.1031
Microsoft ≫ Configuration Manager 2503 Version < 5.0.9135.1013
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.249 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 4.8 | 1.2 | 3.6 |
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-290 Authentication Bypass by Spoofing
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.