CCE-97072-3Platform: cpe:/o:microsoft:windows_11 | Date: (C)2022-05-07 (M)2023-07-04 |
This policy setting limits the type of dumps that can be collected when more information is needed to troubleshoot a problem. Dumps are only sent when the device has been configured to send optional diagnostic data.
By enabling this setting, Windows Error Reporting is limited to sending kernel mini dumps and user mode triage dumps.
If you disable or do not configure this policy setting, we may occasionally collect full or heap dumps if the user has opted to send optional diagnostic data.
Fix:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsData Collection and Preview BuildsLimit Dump Collection
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsDataCollection!LimitDumpCollection
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds\Limit Dump Collection
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DataCollection!LimitDumpCollection
CCSS Severity: | CCSS Metrics: |
CCSS Score : 3.7 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 1.4 | Privileges Required: NONE |
Severity: LOW | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: NONE |
| Availability: NONE |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:79800 |