CCE-93734-2Platform: cpe:/o:microsoft:windows_server_2019 | Date: (C)2020-09-22 (M)2023-07-04 |
MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)
The registry value entry DisableIPSourceRouting was added to the template file in the HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParameters registry key. The entry appears as MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing) in the SCE.
IP source routing is a mechanism that allows the sender to determine the IP route that a datagram should take through the network. Microsoft recommends to configure this setting to Not Defined for enterprise environments and to Highest Protection for high security environments to completely disable source routing.
Parameter:
[highest protection, source routing is completely disabled/medium, source routed packets ignored when IP forwarding is enabled/no additional protection, source routed packets are allowed]
Technical Mechanism:
(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options!MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)
(2) REG: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParameters!DisableIPSourceRouting
CCSS Severity: | CCSS Metrics: |
CCSS Score : 8.1 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:56751 |