CCE-96641-6Platform: cpe:/o:microsoft:windows_11 | Date: (C)2022-05-07 (M)2023-07-04 |
This setting lets you decide whether employees can browse using InPrivate website browsing.
Turning this setting on, or not configuring it, lets employees use InPrivate browsing on the corporate network.
Turning this setting off stops employees from using InPrivate website browsing.
Countermeasure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Users cannot use InPrivate browsing on the corporate network.
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Microsoft Edge\Allow InPrivate browsing
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\MicrosoftEdge\Main!AllowInPrivate
CCSS Severity: | CCSS Metrics: |
CCSS Score : 4.5 | Attack Vector: LOCAL |
Exploit Score: 1.0 | Attack Complexity: HIGH |
Impact Score: 3.4 | Privileges Required: LOW |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: LOW |
| Availability: LOW |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:79513 |