CCE-34395-4Platform: cpe:/o:microsoft:windows_8.1 | Date: (C)2015-10-14 (M)2023-07-04 |
Configure Security Policy for Scripted Diagnostics
Determines whether scripted diagnostics will execute diagnostic packages that are signed by untrusted publishers.
If you enable this policy setting, the scripted diagnostics execution engine will validate the signer of any diagnostic package and only run those signed by trusted publishers.
If you disable this policy setting, the scripted diagnostics execution engine will run all digitally signed packages.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesSystemTroubleshooting and DiagnosticsScripted Diagnostics!Configure Security Policy for Scripted Diagnostics
(2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsScriptedDiagnostics!ValidateTrust
CCSS Severity: | CCSS Metrics: |
CCSS Score : 6.7 | Attack Vector: LOCAL |
Exploit Score: 0.8 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: MEDIUM | User Interaction: REQUIRED |
Vector: AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:29385 |