CCE-98675-2Platform: cpe:/o:microsoft:windows_10 | Date: (C)2022-11-15 (M)2023-07-07 |
This policy setting determines whether an anonymous user can request security identifier (SID) attributes for another user, or use a SID to obtain its corresponding user name. Disable this policy setting to prevent unauthenticated users from obtaining user names that are associated with their respective SIDs.
This policy setting determines whether an anonymous user can request security identifier (SID) attributes for another user, or use a SID to obtain its corresponding user name.
Fix:
(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options!Network access: Allow anonymous SID/Name translation
(2) WMI: root
sopcomputer#RSOP_SecuritySettingBoolean#Setting#KeyName='LSAAnonymousNameLookup' and precedence=1
Parameter:
[disable/enable]
Technical Mechanism:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!Network access: Allow anonymous SID/Name translation
(2) WMI: root\rsop\computer#RSOP_SecuritySettingBoolean#Setting#KeyName='LSAAnonymousNameLookup' and precedence=1
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.5 | Attack Vector: NETWORK |
Exploit Score: 1.6 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:85517 |