Access Credential Manager as a trusted callerID: oval:org.secpod.oval:def:82069 | Date: (C)2022-07-15 (M)2023-12-12 |
Class: COMPLIANCE | Family: windows |
This setting is used by Credential Manager during Backup/Restore. No accounts should have this privilege, as it is only assigned to Winlogon. Users saved credentials might be compromised if this privilege is given to other entities.
Counter Measure:
Configure this user right so that no accounts have it.
Potential Impact:
None, this is the default configuration
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Access Credential Manager as a trusted caller
(2) REG: ###
(3) WMI: root\rsop\computer#RSOP_UserPrivilegeRight#AccountList#UserRight=SeTrustedCredManAccessPrivilege and precedence=1
Platform: |
Microsoft Windows Server 2019 |