CCE-15127-4| Platform: cpe:/o:microsoft:windows_10 | Date: (C)2022-11-15 (M)2023-07-04 |
To ensure secure DoD websites and DoD-signed code are properly validated, the system must trust the DoD Root Certificate Authorities (CAs). The DoD root certificates will ensure the trust chain is established for server certificates issued from the DoD CAs.
Fix:
Install the DoD Root CA certificates:
DoD Root CA 3
DoD Root CA 4
DoD Root CA 5
The InstallRoot tool is available on Cyber Exchange at https://cyber.mil/pki-pke/tools-configuration-files.
Parameter:
[yes/no]
Technical Mechanism:
Install the DoD Root CA certificates:
DoD Root CA 3
DoD Root CA 4
DoD Root CA 5
The InstallRoot tool is available on Cyber Exchange at https://cyber.mil/pki-pke/tools-configuration-files.
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 7.0 | Attack Vector: NETWORK |
| Exploit Score: 2.2 | Attack Complexity: HIGH |
| Impact Score: 4.7 | Privileges Required: NONE |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: LOW |
| | Availability: LOW |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:85548 |
