[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-42798-9

Platform: cpe:/o:microsoft:windows_10Date: (C)2016-09-23   (M)2023-07-04



Disable: 'Devices: Restrict CD-ROM access to locally logged-on user only' for AllocateCDRoms This policy setting determines whether a CD-ROM is accessible to both local and remote users simultaneously. If you enable this policy setting, only the interactively logged-on user is allowed to access removable CD-ROM media. When this policy setting is enabled and no one is logged on interactively, the CD-ROM is accessible over the network. Counter Measure: Enable the Restrict CD-ROM drive access to locally logged-on user only setting. Potential Impact: Users who connect to the server over the network will not be able to use any CD drives that are installed on the server whenever anyone is logged on to the local console of the server. System tools that require access to the CD drive will fail. For example, the Volume Shadow Copy service attempts to access all CD and floppy disk drives that are present on the computer when it initializes, and if the service cannot access one of these drives, it will fail. This condition will cause the Windows Backup tool to fail if volume shadow copies were specified for the backup job. Any non-Microsoft backup products that use volume shadow copies will also fail. This policy setting would not be suitable for a computer that serves as a CD jukebox for network users.


Parameter:

[enable/disable]


Technical Mechanism:

(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity OptionsDevices: Restrict CD-ROM access to locally logged-on user only (2) REG: HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogonAllocateCDRoms

CCSS Severity:CCSS Metrics:
CCSS Score : 3.9Attack Vector: PHYSICAL
Exploit Score: 0.5Attack Complexity: HIGH
Impact Score: 3.4Privileges Required: NONE
Severity: LOWUser Interaction: NONE
Vector: AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:LScope: UNCHANGED
 Confidentiality: LOW
 Integrity: LOW
 Availability: LOW
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35184


OVAL    1
oval:org.secpod.oval:def:35184
XCCDF    4
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10
...

© SecPod Technologies