CCE-99671-0Platform: cpe:/o:microsoft:windows_server_2019 | Date: (C)2022-11-22 (M)2023-07-04 |
This security setting determines the maximum amount of time (in minutes) that a granted session ticket can be used to access a particular service. The setting must be greater than ten minutes and less than or equal to the setting for Maximum lifetime for user ticket. By default, this value is set to 600 minutes (10 hours) in the Default Domain Group Policy object (GPO).
Parameter:
[MINS]
Technical Mechanism:
CCSS Severity: | CCSS Metrics: |
CCSS Score : 9.1 | Attack Vector: NETWORK |
Exploit Score: 3.9 | Attack Complexity: LOW |
Impact Score: 5.2 | Privileges Required: NONE |
Severity: CRITICAL | User Interaction: NONE |
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: NONE |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:85617 |