CCE-36584-1| Platform: cpe:/o:microsoft:windows_server_2012::r2 | Date: (C)2015-10-08 (M)2023-07-04 |
Allow user name hint
This policy setting lets you determine whether an optional field will be displayed during logon and elevation that allows a user to enter his or her user name or user name and domain, thereby associating a certificate with that user.
If you enable this policy setting then an optional field that allows a user to enter their user name or user name and domain will be displayed.
If you disable or do not configure this policy setting, an optional field that allows users to enter their user name or user name and domain will not be displayed.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsSmart Card!Allow user name hint
(2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsSmartCardCredentialProvider!X509HintsNeeded
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 6.5 | Attack Vector: NETWORK |
| Exploit Score: 3.9 | Attack Complexity: LOW |
| Impact Score: 2.5 | Privileges Required: NONE |
| Severity: MEDIUM | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L | Scope: UNCHANGED |
| | Confidentiality: LOW |
| | Integrity: NONE |
| | Availability: LOW |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:27557 |
