CCE-93741-7| Platform: cpe:/o:microsoft:windows_server_2019 | Date: (C)2020-09-22 (M)2023-07-04 |
MSS: (AutoShareServer) Enable Administrative Shares (recommended except for highly secure environments)
This entry appears as MSS: (AutoShareServer) Enable Administrative Shares (not recommended except for highly secure environments) in the SCE.
For additional information, see the Microsoft Knowledge Base article 'How to remove administrative shares in Windows Server 2008' at http://support.microsoft.com/kb/954422/en-us.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options!MSS: (AutoShareServer) Enable Administrative Shares (recommended except for highly secure environments)
(2) REG: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesLanmanServerParameters!AutoShareServer
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 6.6 | Attack Vector: NETWORK |
| Exploit Score: 0.7 | Attack Complexity: HIGH |
| Impact Score: 5.9 | Privileges Required: HIGH |
| Severity: MEDIUM | User Interaction: NONE |
| Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:56758 |
