CCE-47650-7Platform: cpe:/o:microsoft:windows_server_2016 | Date: (C)2022-09-02 (M)2023-07-04 |
This policy setting configures access to remote shells.
If you enable this policy setting and set it to False, new remote shell connections are rejected by the server.
If you disable or do not configure this policy setting, new remote shell connections are allowed.
Countermeasure:
Configure Allow Remote Shell Access to Disabled.
Potential Impact:
If you enable this policy setting, remote access is allowed to all supported shells to execute scripts and commands.
If you disable or do not configure this policy setting, remote access is not allowed to all supported shells to execute scripts and commands.
Fix:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows Remote ShellAllow Remote Shell Access
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsWinRMServiceWinRS!AllowRemoteShellAccess
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Remote Shell\Allow Remote Shell Access
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WinRM\Service\WinRS!AllowRemoteShellAccess
CCSS Severity: | CCSS Metrics: |
CCSS Score : 8.1 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:83603 |