CCE-33398-9Platform: cpe:/o:microsoft:windows_8.1 | Date: (C)2015-10-14 (M)2023-07-04 |
Allow local activation security check exemptions
Allows you to specify that local computer administrators can supplement the 'Define Activation Security Check exemptions' list.
If you enable this policy setting, and DCOM does not find an explicit entry for a DCOM server application id (appid) in the 'Define Activation Security Check exemptions' policy (if enabled), DCOM will look for an entry in the locally configured list.
If you disable this policy setting, DCOM will not look in the locally configured DCOM activation security check exemption list.
If you do not configure this policy setting, DCOM will only look in the locally configured exemption list if the 'Define Activation Security Check exemptions' policy is not configured.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesSystemDistributed COMApplication Compatibility Settings!Allow local activation security check exemptions
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindows NTDCOMAppCompat!AllowLocalActivationSecurityCheckExemptionList
CCSS Severity: | CCSS Metrics: |
CCSS Score : 2.2 | Attack Vector: NETWORK |
Exploit Score: 0.7 | Attack Complexity: HIGH |
Impact Score: 1.4 | Privileges Required: HIGH |
Severity: LOW | User Interaction: NONE |
Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: NONE |
| Availability: NONE |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:28863 |