CCE-96643-2| Platform: cpe:/o:microsoft:windows_11 | Date: (C)2022-05-07 (M)2023-07-04 |
This setting lets you decide whether employees can send Do Not Track headers to websites that request tracking info.
Turning this setting on lets your employees send Do Not Track headers.
Turning this setting off, or not configuring it, stops your employees from sending Do Not Track headers.
Countermeasure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Users cannot be tracked in their Microsoft Edge browser from outside agents.
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Microsoft Edge\Allow employees to send Do Not Track headers
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\MicrosoftEdge\Main!DoNotTrack
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 3.7 | Attack Vector: NETWORK |
| Exploit Score: 2.2 | Attack Complexity: HIGH |
| Impact Score: 1.4 | Privileges Required: NONE |
| Severity: LOW | User Interaction: NONE |
| Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | Scope: UNCHANGED |
| | Confidentiality: LOW |
| | Integrity: NONE |
| | Availability: NONE |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:79607 |
