[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-42504-1

Platform: cpe:/o:microsoft:windows_10Date: (C)2016-09-23   (M)2023-07-04



Specify the 'Configure log access (legacy) - Event Log ServiceApplication' (SDDL String) value This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You must set both "configure log access" policy settings for this log in order to affect the both modern and legacy tools. If you enable this policy setting, only those users matching the security descriptor can access the log. If you disable this policy setting, all authenticated users and system services can write, read, or clear this log. If you do not configure this policy setting, the previous policy setting configuration remains in effect. Counter Measure: Enable and configure this setting depending on your organization's requirements. Potential Impact: Users may not have access to the log.


Parameter:

[log access]


Technical Mechanism:

(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsEvent Log ServiceApplicationConfigure log access (legacy) - Event Log ServiceApplication

CCSS Severity:CCSS Metrics:
CCSS Score : 7.5Attack Vector: NETWORK
Exploit Score: 1.6Attack Complexity: HIGH
Impact Score: 5.9Privileges Required: LOW
Severity: HIGHUser Interaction: NONE
Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35119


OVAL    1
oval:org.secpod.oval:def:35119
XCCDF    2
xccdf_org.secpod_benchmark_SecPod_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10

© SecPod Technologies