CCE-34300-4Platform: cpe:/o:microsoft:windows_8.1 | Date: (C)2015-10-14 (M)2023-07-04 |
Allow or Disallow use of encryption to protect the RPC protocol messages between File Share Shadow Copy Provider running on application server and File Share Shadow Copy Agent running on the file servers.
Determines whether the RPC protocol messagese used by VSS for SMB2 File Shares feature is enabled.
VSS for SMB2 File Shares feature enables VSS aware backup applications to perform application consistent backup and restore of VSS aware applications storing data on SMB2 File Shares.
By default, the RPC protocol message between File Server VSS provider and File Server VSS Agent is signed but not encrypted.
Note: To make changes to this setting effective, you must restart Volume Shadow Copy (VSS) Service .
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesSystemFile Share Shadow Copy Provider!Allow or Disallow use of encryption to protect the RPC protocol messages between File Share Shadow Copy Provider running on application server and File Share Shadow Copy Agent running on the file servers.
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsfssProv!EncryptProtocol
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.4 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 5.2 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: NONE |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:29346 |