Email spoofing
Description
The absence of DMARC records could allow spoofing of the email domain.
Impact
Send unauthorized emails from the domain of the company, supplanting their identity and facilitating the realization of phishing attacks.
Recommendation
Configure a DMARC record with policies suitable for the domain.
Threat
Anonymous attacker from Internet
Expected Remediation Time
⏱️ 120 minutes.
Score
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
Attack vector
N
Attack complexity
H
Attack requirements
N
Privileges required
N
User interaction
N
Confidentiality (VC)
N
Integrity (VI)
L
Availability (VA)
N
Confidentiality (SC)
N
Integrity (SI)
N
Availability (SA)
N
Threat 4.0
Exploit maturity
U
Vector string
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U