CCE-99743-7Platform: cpe:/o:microsoft:windows_server_2019 | Date: (C)2022-07-28 (M)2023-07-04 |
This subcategory reports on other system events. Events for this subcategory include:
? 5024 : The Windows Firewall Service has started successfully.
? 5025 : The Windows Firewall Service has been stopped.
? 5027 : The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy.
? 5028 : The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy.
? 5029: The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy.
? 5030: The Windows Firewall Service failed to start.
? 5032: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.
? 5033 : The Windows Firewall Driver has started successfully.
? 5034 : The Windows Firewall Driver has been stopped.
? 5035 : The Windows Firewall Driver failed to start.
? 5037 : The Windows Firewall Driver detected critical runtime error. Terminating.
? 5058: Key file operation.
? 5059: Key migration operation.
Refer to the Microsoft Knowledgebase article ?Description of security events in Windows Vista and in Windows Server 2008? for the most recent information about this setting: http://support.microsoft.com/default.aspx/kb/947226.
This policy setting in the System audit category determines whether to audit Other System events on computers that are running Windows Vista or later versions of Windows.
Parameter:
[success/failure/success_failure/none]
Technical Mechanism:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\Audit Policies\System!Audit Policy: System: Other System Events
(2) REG: NO REGISTRY INFO
CCSS Severity: | CCSS Metrics: |
CCSS Score : 6.7 | Attack Vector: LOCAL |
Exploit Score: 0.8 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: HIGH |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:82047 |