CVE-2019-1220 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2019-1220

Analyzed

More Info Official Page

Source-secure@microsoft.com

Published At-11 Sep, 2019 | 22:15

Updated At-24 Aug, 2020 | 17:37

A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs, aka 'Microsoft Browser Security Feature Bypass Vulnerability'.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	4.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N

CPE Matches

Microsoft Corporation

>>internet_explorer>>9

cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2008>>-

cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*

Microsoft Corporation

>>internet_explorer>>10

cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2012>>-

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

Microsoft Corporation

>>internet_explorer>>11

cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>-

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1607

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1703

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1709

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1803

cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1809

cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1903

cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*

Microsoft Corporation

cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*

Microsoft Corporation

>>windows_8.1>>-

cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_rt_8.1>>-

cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2008>>r2

cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*

Microsoft Corporation

>>windows_server_2012>>-

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2012>>r2

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2016>>-

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2019>>-

cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

Microsoft Corporation

>>edge>>-

cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>-

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1607

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1703

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1709

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1803

cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1809

cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10>>1903

cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2016>>-

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2019>>-

cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-425	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1220	secure@microsoft.com	Patch Vendor Advisory