CCE-99476-4| Platform: cpe:/o:microsoft:windows_server_2016 | Date: (C)2023-09-08 (M)2023-10-13 |
This policy setting controls which port is used for RPC over TCP for incoming connections to the print spooler and outgoing connections to remote print spoolers.
The recommended state for this setting is: Enabled: 0.
Fix:
(1) GPO: Computer ConfigurationPoliciesAdministrative TemplatesPrintersConfigure RPC over TCP port
(2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows NTPrintersRPC:RpcTcpPort
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer Configuration\Policies\Administrative Templates\Printers\Configure RPC over TCP port
(2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\RPC:RpcTcpPort
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 5.6 | Attack Vector: NETWORK |
| Exploit Score: 2.2 | Attack Complexity: HIGH |
| Impact Score: 3.4 | Privileges Required: NONE |
| Severity: MEDIUM | User Interaction: NONE |
| Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L | Scope: UNCHANGED |
| | Confidentiality: LOW |
| | Integrity: LOW |
| | Availability: LOW |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:92696 |
