CCE-34597-5Platform: cpe:/o:microsoft:windows_8.1 | Date: (C)2015-10-14 (M)2023-07-04 |
MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes
The registry value entry EnableICMPRedirect was added to the template file in the HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParameters registry key. The entry appears as MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes in the SCE.
Internet Control Message Protocol (ICMP) redirects cause the stack to plumb host routes. These routes override the Open Shortest Path First (OSPF)?generated routes. Microsoft recommends to configure this setting to Not Defined for enterprise environments and to Disabled for high security environments.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options!MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes
(2) REG: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParameters!EnableICMPRedirect
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.7 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 5.5 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: LOW |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:22630 |