CCE-42444-0Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
'Set time limit for active Remote Desktop Services sessions' to never
This policy setting allows you to specify the maximum amount of time that a Remote Desktop Services session can be active before it is automatically disconnected.
If you enable this policy setting, you must select the desired time limit in the Active session limit drop-down list. Remote Desktop Services will automatically disconnect active sessions after the specified amount of time. The user receives a warning two minutes before the Remote Desktop Services session disconnects, which allows the user to save open files and close programs. If you have a console session, active session time limits do not apply.
If you disable or do not configure this policy setting, Remote Desktop Services allows sessions to remain active for an unlimited time. You can specify time limits for active sessions on the Sessions tab in the Remote Desktop Session Host Configuration tool.
If you want Remote Desktop Services to terminate-instead of disconnect-a session when the time limit is reached, you can configure the "Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostSession Time LimitsTerminate session when time limits are reached" policy setting.
Note: This policy setting appears in both Computer Configuration and User Configuration. If both policy settings are configured, the Computer Configuration policy setting takes precedence.
Counter Measure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Remote Desktop Services will automatically disconnect active sessions after the specified amount of time.
Parameter:
[never/1 minute/5 minutes/10 minutes/15 minutes/30 minutes]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostSession Time LimitsSet time limit for active Remote Desktop Services sessions
(2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows NTTerminal ServicesMaxConnectionTime
CCSS Severity: | CCSS Metrics: |
CCSS Score : 8.1 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35102 |