CCE-37067-6Platform: cpe:/o:microsoft:windows_server_2012::r2 | Date: (C)2015-10-08 (M)2023-07-04 |
MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)
The registry value entry AutoAdminLogon was added to the template file in the HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon registry key. The entry appears as MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) in the Security Configuration Editor.
This setting is separate from the Welcome screen feature in Windows XP and Windows Vista; if that feature is disabled, this setting is not disabled. If you configure a computer for automatic logon, anyone who can physically gain access to the computer can also gain access to everything that is on the computer, including any network or networks to which the computer is connected. Also, if you enable automatic logon, the password is stored in the registry in plaintext, and the specific registry key that stores this value is remotely readable by the Authenticated Users group.
For additional information, see the Knowledge Base article 315231, 'How to turn on automatic logon in Windows XP.'
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options!MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)
(2) REG: HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon!AutoAdminLogon
CCSS Severity: | CCSS Metrics: |
CCSS Score : 6.8 | Attack Vector: PHYSICAL |
Exploit Score: 0.9 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:22973 |