CCE-96740-6| Platform: cpe:/o:microsoft:windows_11 | Date: (C)2022-05-07 (M)2023-07-04 |
This policy setting allows you to configure protocol recognition for network protection against exploits of known vulnerabilities.
If you enable or do not configure this setting, protocol recognition will be enabled.
If you disable this setting, protocol recognition will be disabled.
Countermeasure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Protocol recognition will be enabled and could impact performance.
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\Network Inspection System\Turn on protocol recognition
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\NIS!DisableProtocolRecognition
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 5.6 | Attack Vector: NETWORK |
| Exploit Score: 2.2 | Attack Complexity: HIGH |
| Impact Score: 3.4 | Privileges Required: NONE |
| Severity: MEDIUM | User Interaction: NONE |
| Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L | Scope: UNCHANGED |
| | Confidentiality: LOW |
| | Integrity: LOW |
| | Availability: LOW |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:79477 |
