CCE-94096-5Platform: cpe:/o:microsoft:windows_server_2019 | Date: (C)2020-09-22 (M)2023-07-04 |
Allow all trusted apps to install
This policy setting allows you to manage the installation of app packages that do not originate from the Windows Store.
If you enable this policy setting, you can install any trusted app package. A trusted app package is one that is signed with a certificate chain that can be successfully validated by the local computer. This can include line-of-business app packages signed by the enterprise in addition to app packages that originate from the Windows Store.
If you disable or do not configure this policy setting, you can only install trusted app packages that come from the Windows Store.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsApp Package Deployment!Allow all trusted apps to install
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsAppx!AllowAllTrustedApps
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.5 | Attack Vector: NETWORK |
Exploit Score: 1.6 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:57112 |