CCE-47651-5Platform: cpe:/o:microsoft:windows_server_2016 | Date: (C)2022-09-02 (M)2023-07-04 |
Manages a Windows app's ability to share data between users who have installed the app.
If you enable this policy, a Windows app can share app data with other instances of that app. Data is shared through the SharedLocal folder. This folder is available through the Windows.Storage API.
If you disable this policy, a Windows app can't share app data with other instances of that app. If this policy was previously enabled, any previously shared app data will remain in the SharedLocal folder.
Countermeasure:
Disable this setting.
Potential Impact:
A Windows app can't share app data with other instances of that app.
Fix:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsApp Package DeploymentAllow a Windows app to share application data between users
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsCurrentVersionAppModelStateManager!AllowSharedLocalAppData
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\App Package Deployment\Allow a Windows app to share application data between users
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\AppModel\StateManager!AllowSharedLocalAppData
CCSS Severity: | CCSS Metrics: |
CCSS Score : 8.1 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:83604 |