[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-47193-8

Platform: cpe:/o:microsoft:windows_server_2016Date: (C)2017-08-03   (M)2023-07-04



This policy setting specifies whether the computer that is about to host the remote connection will enforce an encryption level for all data sent between it and the client computer for the remote session. Vulnerability: If Terminal Server client connections are allowed that use low level encryption, it is more likely that an attacker will be able to decrypt any captured Terminal Services network traffic. Counter Measure: Configure the Set Client Connection Encryption Level setting to High Level. Potential Impact: Clients that do not support 128-bit encryption will be unable to establish Terminal Server sessions. Fix: (1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostSecuritySet client connection encryption level (2) REG: NO INFO


Parameter:

[low level/client compatible/high level]


Technical Mechanism:

(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security\Set client connection encryption level (2) REG: NO INFO

CCSS Severity:CCSS Metrics:
CCSS Score : 9.8Attack Vector: NETWORK
Exploit Score: 3.9Attack Complexity: LOW
Impact Score: 5.9Privileges Required: NONE
Severity: CRITICALUser Interaction: NONE
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:40195


OVAL    1
oval:org.secpod.oval:def:40195
XCCDF    5
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_Server_2016
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2016
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2016
xccdf_org.secpod_benchmark_general_Windows_Server_2016
...

© SecPod Technologies