CCE-93227-7Platform: cpe:/o:microsoft:windows_server_2019 | Date: (C)2020-09-22 (M)2023-07-04 |
IKE and AuthIP IPsec Keying Modules
The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running.
Parameter:
[manual/disable/automatic]
Technical Mechanism:
(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsSystem Services!IKE and AuthIP IPsec Keying Modules
(2) REG: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetservicesIKEEXT!Start
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.0 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 4.7 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: LOW |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:56246 |