CCE-15128-2| Platform: cpe:/o:microsoft:windows_10 | Date: (C)2022-11-15 (M)2023-07-04 |
To ensure secure websites protected with External Certificate Authority (ECA) server certificates are properly validated, the system must trust the ECA Root CAs. The ECA root certificates will ensure the trust chain is established for server certificates issued from the External CAs. This requirement only applies to unclassified systems.
Fix:
Install the ECA Root CA certificates on unclassified systems.
ECA Root CA 2
ECA Root CA 4
The InstallRoot tool is available on Cyber Exchange at https://cyber.mil/pki-pke/tools-configuration-files.
Parameter:
[yes/no]
Technical Mechanism:
Install the ECA Root CA certificates on unclassified systems.
ECA Root CA 2
ECA Root CA 4
The InstallRoot tool is available on Cyber Exchange at https://cyber.mil/pki-pke/tools-configuration-files.
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 7.3 | Attack Vector: LOCAL |
| Exploit Score: 1.3 | Attack Complexity: LOW |
| Impact Score: 5.9 | Privileges Required: LOW |
| Severity: HIGH | User Interaction: REQUIRED |
| Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:85543 |
