[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-36269-9

Platform: cpe:/o:microsoft:windows_server_2012::r2Date: (C)2015-10-08   (M)2023-07-14



Microsoft network client: Digitally sign communications (if server agrees) This policy setting determines whether the SMB client will attempt to negotiate SMB packet signing. The implementation of digital signing in Windows?based networks helps to prevent sessions from being hijacked. If you enable this policy setting, the Microsoft network client will use signing only if the server with which it communicates accepts digitally signed communication. Microsoft recommends to enable The Microsoft network client: Digitally sign communications (if server agrees) setting. Note Enabling this policy setting on SMB clients on your network makes them fully effective for packet signing with all clients and servers in your environment.


Parameter:

[enable/disable]


Technical Mechanism:

(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options!Microsoft network client: Digitally sign communications (if server agrees) (2) REG: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesLanmanWorkstationParameters!EnableSecuritySignature

CCSS Severity:CCSS Metrics:
CCSS Score : 8.1Attack Vector: NETWORK
Exploit Score: 2.2Attack Complexity: HIGH
Impact Score: 5.9Privileges Required: NONE
Severity: HIGHUser Interaction: NONE
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:22934


OVAL    1
oval:org.secpod.oval:def:22934
XCCDF    5
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2012_R2
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_2012_R2
xccdf_org.secpod_benchmark_PCI_Windows_2012_R2
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2012_R2
...

© SecPod Technologies