[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-36178-2

Platform: cpe:/o:microsoft:windows_server_2012::r2Date: (C)2015-10-08   (M)2023-07-04



Prevent plaintext PINs from being returned by Credential Manager This policy setting prevents plaintext PINs from being returned by Credential Manager. If you enable this policy setting, Credential Manager does not return a plaintext PIN. If you disable or do not configure this policy setting, plaintext PINs can be returned by Credential Manager. Note: Enabling this policy setting could prevent certain smart cards from working on Windows. Please consult your smart card manufacturer to find out whether you will be affected by this policy setting.


Parameter:

[enable/disable]


Technical Mechanism:

(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsSmart Card!Prevent plaintext PINs from being returned by Credential Manager (2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsSmartCardCredentialProvider!DisallowPlaintextPin

CCSS Severity:CCSS Metrics:
CCSS Score : 7.7Attack Vector: LOCAL
Exploit Score: 2.5Attack Complexity: LOW
Impact Score: 5.2Privileges Required: NONE
Severity: HIGHUser Interaction: NONE
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: NONE
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:27348


OVAL    1
oval:org.secpod.oval:def:27348
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_2012_R2

© SecPod Technologies