CCE-15104-3| Platform: cpe:/o:microsoft:windows_10 | Date: (C)2022-11-15 (M)2023-07-04 |
Passwords that do not expire increase exposure with a greater probability of being discovered or cracked.
Fix:
Configure all passwords to expire.
Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Users.
Double click each active account.
Ensure "Password never expires" is not checked on all active accounts.
Parameter:
[yes/no]
Technical Mechanism:
Configure all passwords to expire.
Run "Computer Management".
Navigate to System Tools Local Users and Groups Users.
Double click each active account.
Ensure "Password never expires" is not checked on all active accounts.
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 8.1 | Attack Vector: NETWORK |
| Exploit Score: 2.2 | Attack Complexity: HIGH |
| Impact Score: 5.9 | Privileges Required: NONE |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:85539 |
