CCE-36252-5| Platform: cpe:/o:microsoft:windows_server_2012::r2 | Date: (C)2015-10-08 (M)2023-07-04 |
Enable NTFS pagefile encryption
Encrypting the page file prevents malicious users from reading data that has been paged to disk, but also adds processing overhead for filesystem operations. Enabling this setting will cause the page files to be encrypted.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesSystemFilesystemNTFS!Enable NTFS pagefile encryption
(2) REG: HKEY_LOCAL_MACHINESystemCurrentControlSetPolicies!NtfsEncryptPagingFile
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 9.8 | Attack Vector: NETWORK |
| Exploit Score: 3.9 | Attack Complexity: LOW |
| Impact Score: 5.9 | Privileges Required: NONE |
| Severity: CRITICAL | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:27395 |
