[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-45279-7

Platform: cpe:/o:microsoft:windows_server_2016Date: (C)2017-08-03   (M)2023-07-04



MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes Vulnerability: This behavior is expected. The problem is that the 10 minute time-out period for the ICMP redirect-plumbed routes temporarily creates a network situation in which traffic will no longer be routed properly for the affected host. Counter Measure: Configure the MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes entry to a value of Disabled. The possible values for this registry entry are: * 1 or 0. The default configuration is 1 (enabled). In the SCE UI, these options appear as: * Enabled * Disabled * Not Defined Potential Impact: When Routing and Remote Access Service (RRAS) is configured as an autonomous system boundary router (ASBR), it does not correctly import connected interface subnet routes. Instead, this router injects host routes into the OSPF routes. However, the OSPF router can not be used as an ASBR router, and when connected interface subnet routes are imported into OSPF the result is confusing routing tables with strange routing paths. Fix: (1) GPO: Computer ConfigurationAdministrative TemplatesMSS (Legacy)MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes (2) REG: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParameters!EnableICMPRedirect


Parameter:

[enable/disable]


Technical Mechanism:

(1) GPO: Computer Configuration\Administrative Templates\MSS (Legacy)\MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters!EnableICMPRedirect

CCSS Severity:CCSS Metrics:
CCSS Score : 7.7Attack Vector: NETWORK
Exploit Score: 2.2Attack Complexity: HIGH
Impact Score: 5.5Privileges Required: NONE
Severity: HIGHUser Interaction: NONE
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: LOW
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:40331


OVAL    1
oval:org.secpod.oval:def:40331
XCCDF    5
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_Server_2016
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2016
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2016
xccdf_org.secpod_benchmark_general_Windows_Server_2016
...

© SecPod Technologies