[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-45495-9

Platform: cpe:/o:microsoft:windows_server_2016Date: (C)2017-08-03   (M)2023-07-04



AppLocker defines executable rules as any files with the .exe and .com extensions that are associated with an application. Because all of the default rules for the executable rule collection are based on folder paths, all files under those paths will be allowed. The following are the default rules that are available for the executable rule collection: -Allow members of the local Administrators group access to run all executable files -Allow all users to run executable files in the Windows folder -Allow all users to run executable files in the Program Files folder Vulnerability: A malicious agent could run unauthorized programs and software. Counter Measure: Configure this policy based on the security requirements for your organization. Potential Impact: Depending on configuration, users may be unable to run specific applications. Fix: (1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsApplication Control PoliciesAppLockerExecutable RulesExecutable rules (2) REG: NO INFO


Parameter:

[enable/disable]


Technical Mechanism:

(1) GPO: Computer Configuration\Windows Settings\Security Settings\Application Control Policies\AppLocker\Executable Rules\Executable rules (2) REG: NO INFO

CCSS Severity:CCSS Metrics:
CCSS Score : 7.5Attack Vector: NETWORK
Exploit Score: 1.6Attack Complexity: HIGH
Impact Score: 5.9Privileges Required: LOW
Severity: HIGHUser Interaction: NONE
Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:40340


OVAL    1
oval:org.secpod.oval:def:40340
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_Server_2016

© SecPod Technologies