CCE-98644-8Platform: cpe:/o:microsoft:windows_10 | Date: (C)2022-07-05 (M)2023-07-04 |
This policy setting specifies the maximum size of the log file in kilobytes.
If you enable this policy setting, you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2147483647 kilobytes), in kilobyte increments.
If you disable or do not configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog, and it defaults to 1 megabyte.
Fix:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsEvent Log ServiceSetupSpecify the maximum log file size (KB)
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsEventLogSetup!MaxSize
Parameter:
[Log File Size]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Event Log Service\Setup\Specify the maximum log file size (KB)
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\EventLog\Setup!MaxSize
CCSS Severity: | CCSS Metrics: |
CCSS Score : 5.3 | Attack Vector: LOCAL |
Exploit Score: 1.8 | Attack Complexity: LOW |
Impact Score: 3.4 | Privileges Required: LOW |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: LOW |
| Availability: LOW |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:81825 |