CCE-34911-8Platform: cpe:/o:microsoft:windows_8.1 | Date: (C)2015-10-14 (M)2023-07-07 |
Microsoft network server: Disconnect clients when logon hours expire
This policy setting determines whether to disconnect users who are connected to the local computer outside their user account?s valid logon hours. It affects the SMB component. If you enable this policy setting, client sessions with the SMB service will be forcibly disconnected when the client?s logon hours expire. If you disable this policy setting, established client sessions will be maintained after the client?s logon hours expire. If you enable this policy setting you should also enable Network security: Force logoff when logon hours expire.
If your organization configures logon hours for users, it makes sense to enable this policy setting.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options!Microsoft network server: Disconnect clients when logon hours expire
(2) REG: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesLanManServerParameters!enableforcedlogoff
CCSS Severity: | CCSS Metrics: |
CCSS Score : 4.3 | Attack Vector: NETWORK |
Exploit Score: 2.8 | Attack Complexity: LOW |
Impact Score: 1.4 | Privileges Required: LOW |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | Scope: UNCHANGED |
| Confidentiality: NONE |
| Integrity: NONE |
| Availability: LOW |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:22369 |