CCE-43018-1| Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
Disable: 'Windows Firewall: Private: Inbound connections' for DefaultInboundAction
This setting determines the behavior for inbound connections that do not match an inbound firewall rule. The default behavior is to block connections unless there are firewall rules to allow the connection.
Counter Measure:
Configure this setting to block inbound connections by default.
Potential Impact:
None, this is the default configuration.
Parameter:
[block/allow]
Technical Mechanism:
(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsWindows Firewall with Advanced SecurityWindows Firewall with Advanced SecurityWindows Firewall PropertiesPrivate ProfileWindows Firewall: Private: Inbound connections
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsFirewallPrivateProfileDefaultInboundAction
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 9.8 | Attack Vector: NETWORK |
| Exploit Score: 3.9 | Attack Complexity: LOW |
| Impact Score: 5.9 | Privileges Required: NONE |
| Severity: CRITICAL | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35224 |
