[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-50918-2

Platform: cpe:/o:microsoft:windows_server_2016Date: (C)2017-08-03   (M)2023-07-04



When WDigest authentication is enabled, Lsass.exe retains a copy of the user's plaintext password in memory, where it can be at risk of theft. Microsoft recommends disabling WDigest authentication unless it is needed. If this setting is not configured, WDigest authentication is disabled in Windows 8.1 and in Windows Server 2012 R2; it is enabled by default in earlier versions of Windows and Windows Server. Update KB2871997 must first be installed to disable WDigest authentication using this setting in Windows 7, Windows 8, Windows Server 2008 R2 and Windows Server 2012. Enabled: Enables WDigest authentication. Disabled (recommended): Disables WDigest authentication. For this setting to work on Windows 7, Windows 8, Windows Server 2008 R2 or Windows Server 2012, KB2871997 must first be installed. For more information, see http://support.microsoft.com/kb/2871997 and http://blogs.technet.com/b/srd/archive/2014/06/05/an-overview-of-kb2871997.aspx . Vulnerability: Counter Measure: Enabling this setting can compromise security as it may allow for plaintext password theft. Potential Impact: Disable this setting. Fix: (1) GPO: Existing code may depend on WDigest passwords being stored in cleartext in memory.WDigest Authentication (disabling may require KB2871997) (2) REG: Computer ConfigurationAdministrative TemplatesMS Security GuideHKEY_LOCAL_MACHINE!SYSTEMCurrentControlSetControlSecurityProvidersWDigest


Parameter:

[enable/disable]


Technical Mechanism:

(1) GPO: Existing code may depend on WDigest passwords being stored in cleartext in memory.\WDigest Authentication (disabling may require KB2871997) (2) REG: Computer Configuration\Administrative Templates\MS Security Guide\HKEY_LOCAL_MACHINE!SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest

CCSS Severity:CCSS Metrics:
CCSS Score : 9.8Attack Vector: NETWORK
Exploit Score: 3.9Attack Complexity: LOW
Impact Score: 5.9Privileges Required: NONE
Severity: CRITICALUser Interaction: NONE
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:40346


OVAL    1
oval:org.secpod.oval:def:40346

© SecPod Technologies