CCE-98149-8Platform: cpe:/o:microsoft:windows_server_2022:::x64 | Date: (C)2023-07-18 (M)2023-07-19 |
This policy setting lets you control the redirection of location data to the remote computer in a Remote Desktop Services session.By default, Remote Desktop Services allows redirection of location data.If you enable this policy setting, users cannot redirect their location data to the remote computer.If you disable or do not configure this policy setting, users can redirect their location data to the remote computer.Fix:(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsRemote Desktop ServicesRemote Desktop Session HostDevice and Resource RedirectionDo not allow location redirection(2) REG: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows NTTerminal Services!fDisableLocationRedir
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Do not allow location redirection
(2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableLocationRedir
CCSS Severity: | CCSS Metrics: |
CCSS Score : 4.3 | Attack Vector: ADJACENT_NETWORK |
Exploit Score: 2.8 | Attack Complexity: LOW |
Impact Score: 1.4 | Privileges Required: NONE |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: NONE |
| Availability: NONE |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:91056 |