CCE-36611-2Platform: cpe:/o:microsoft:windows_server_2012::r2 | Date: (C)2015-10-08 (M)2023-07-04 |
Do not allow sessions without mutual CHAP
If enabled then only those sessions that are configured for mutual CHAP may be established. If disabled then sessions that are configured for mutual CHAP or sessions not configured for mutual CHAP may be established.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesSystemiSCSIiSCSI Security!Do not allow sessions without mutual CHAP
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsiSCSI!RequireMutualCHAP
CCSS Severity: | CCSS Metrics: |
CCSS Score : 9.8 | Attack Vector: NETWORK |
Exploit Score: 3.9 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: CRITICAL | User Interaction: NONE |
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:27571 |