V
Scaner-VS
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
CVE-2025-21189
CVE
Medium

MapUrlToZone Security Feature Bypass Vulnerability

CVSS
4.3
Medium
EPSS
0.03
p84
Published
2025-01-01
Updated
2025-01-01
Description

MapUrlToZone Security Feature Bypass Vulnerability

Tags · CWE
Pre-auth
CWE-41
CAPEC-3
Affected products
Windows_10_1507 < 10.0.10240.20890Windows_10_1607 < 10.0.14393.7699Windows_10_1809 < 10.0.17763.6775Windows_10_21h2 < 10.0.19044.5371Windows_10_22h2 < 10.0.19045.5371Windows_11_22h2 < 10.0.22621.4751Windows_11_23h2 < 10.0.22631.4751Windows_11_24h2 < 10.0.26100.2894Windows_server_2008Windows_server_2012Windows_server_2016 < 10.0.14393.7699Windows_server_2019 < 10.0.17763.6775Windows_server_2022 < 10.0.20348.3091Windows_server_2022_23h2 < 10.0.25398.1369Windows_server_2025 < 10.0.26100.2894
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Timeline
2025-01-01
Published
2025-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: R
Required (R)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: L
Low (L)
Integrity Impact
I: N
None (N)
Availability Impact
A: N
None (N)
Exploit indicators
EPSS
0.029 · p84
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
ProductVendorStatus
windows_10_1507*Tracked
windows_10_1607*Tracked
windows_10_1809*Tracked
windows_10_21h2*Tracked
windows_10_22h2*Tracked
windows_11_22h2*Tracked
windows_11_23h2*Tracked
windows_11_24h2*Tracked
windows_server_2008*Tracked
windows_server_2012*Tracked
windows_server_2016*Tracked
windows_server_2019*Tracked
windows_server_2022*Tracked
windows_server_2022_23h2*Tracked
windows_server_2025*Tracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
Showing first 20 of 223
Source databases
MSR
CVE
Related vulnerabilities