CCE-99758-5Platform: cpe:/o:microsoft:windows_server_2019 | Date: (C)2022-07-28 (M)2023-07-04 |
Enables management of password for local administrator account
If you enable this setting, local administrator password is managed
If you disable or not configure this setting, local administrator password is NOT managed
Countermeasure:
Enable this setting.
Potential Impact:
Local administrator passwords are changed as managed.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\LAPS\Enable local admin password management
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft Services\AdmPwd!AdmPwdEnabled
CCSS Severity: | CCSS Metrics: |
CCSS Score : 8.1 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:82062 |