CCE-44441-4| Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
Disable: 'Allow employees to send Do Not Track headers for DoNotTrack'
This setting lets you decide whether employees can send Do Not Track headers to websites that request tracking info.
Turning this setting on lets your employees send Do Not Track headers.
Turning this setting off, or not configuring it, stops your employees from sending Do Not Track headers.
Counter Measure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Users cannot be tracked in their Microsoft Edge browser from outside agents.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsMicrosoft EdgeAllow employees to send Do Not Track headers
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftMicrosoftEdgeMainDoNotTrack
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 3.7 | Attack Vector: NETWORK |
| Exploit Score: 2.2 | Attack Complexity: HIGH |
| Impact Score: 1.4 | Privileges Required: NONE |
| Severity: LOW | User Interaction: NONE |
| Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | Scope: UNCHANGED |
| | Confidentiality: LOW |
| | Integrity: NONE |
| | Availability: NONE |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35454 |
