[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-41804-6

Platform: cpe:/o:microsoft:windows_10Date: (C)2016-09-23   (M)2023-07-04



Select the 'Configure Default consent' to always_ask_before_sending_data This setting determines the consent behavior of Windows Error Reporting. If Consent level is set to "Always ask before sending data", Windows will prompt the user for consent to send reports. If Consent level is set to "Send parameters", the minimum data required to check for an existing solution will be sent automatically, and Windows will prompt the user for consent to send any additional data requested by Microsoft. If Consent level is set to "Send parameters and safe additional data", the minimum data required to check for an existing solution as well as data which Windows has determined does not contain (within a high probability) personally identifiable data will be sent automatically, and Windows will prompt the user for consent to send any additional data requested by Microsoft. If Consent level is set to "Send all data", any data requested by Microsoft will be sent automatically. If this setting is disabled or not configured then consent will default to "Always ask before sending data". Counter Measure: Configure this setting depending on your organization's requirements. Potential Impact: The user may or may not receive consent notifications depending on configuration.


Parameter:

[always ask before sending data/send parameters/send parameters and safe additional data]


Technical Mechanism:

(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows Error ReportingConsentConfigure Default consent (2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindows Error ReportingConsentDefaultConsent

CCSS Severity:CCSS Metrics:
CCSS Score : 3.7Attack Vector: NETWORK
Exploit Score: 2.2Attack Complexity: HIGH
Impact Score: 1.4Privileges Required: NONE
Severity: LOWUser Interaction: NONE
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NScope: UNCHANGED
 Confidentiality: LOW
 Integrity: NONE
 Availability: NONE
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35028


OVAL    1
oval:org.secpod.oval:def:35028
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_10

© SecPod Technologies