CCE-26004-2Platform: cpe:/o:microsoft:windows_server_2012:- | Date: (C)2022-08-12 (M)2023-07-04 |
The registry value entry EnableICMPRedirect was added to the template file in the HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParameters registry key. The entry appears as MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes in the SCE.
Internet Control Message Protocol (ICMP) redirects cause the stack to plumb host routes. These routes override the Open Shortest Path First (OSPF)?generated routes. Microsoft recommends to configure this setting to Not Defined for enterprise environments and to Disabled for high security environments.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!The entry appears as MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes in the SCE.
(2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters!EnableICMPRedirect
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.7 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 5.5 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: LOW |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:82856 |