CCE-98648-9| Platform: cpe:/o:microsoft:windows_10 | Date: (C)2022-07-05 (M)2023-07-04 |
This setting lets you decide whether employees can run Adobe Flash in Microsoft Edge.
If you enable or don't configure this setting, employees can use Adobe Flash.
If you disable this setting, employees can't use Adobe Flash.
Fix:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsMicrosoft EdgeAllow Adobe Flash
(2) REG: HKEY_LOCAL_MACHINE or HKEY_CURRENT_USERSoftwarePoliciesMicrosoftMicrosoftEdgeAddons!FlashPlayerEnabled
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Microsoft Edge\Allow Adobe Flash
(2) REG: HKEY_LOCAL_MACHINE or HKEY_CURRENT_USER\Software\Policies\Microsoft\MicrosoftEdge\Addons!FlashPlayerEnabled
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 9.0 | Attack Vector: NETWORK |
| Exploit Score: 2.2 | Attack Complexity: HIGH |
| Impact Score: 6.0 | Privileges Required: NONE |
| Severity: CRITICAL | User Interaction: NONE |
| Vector: AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | Scope: CHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:81829 |
