Vulnerability ID Message
V-254247 Systems at unsupported servicing levels will not receive security updates for...
V-205849 Systems at unsupported servicing levels will not receive security updates for...
V-253263 Windows 11 is maintained by Microsoft at servicing levels for specific period...
V-220706 Windows 10 is maintained by Microsoft at servicing levels for specific period...
V-254355 Enumeration of administrator accounts when elevating can provide part of the ...
V-205714 Enumeration of administrator accounts when elevating can provide part of the ...
V-253391 Enumeration of administrator accounts when elevating can provide part of the ...
V-220832 Enumeration of administrator accounts when elevating can provide part of the ...
V-205751 Inappropriate granting of user rights can provide system, administrative, and...
V-254289 The longer a password is in use, the greater the opportunity for someone to g...
V-205659 The longer a password is in use, the greater the opportunity for someone to g...
V-253301 The longer a password is in use, the greater the opportunity for someone to g...
V-220743 The longer a password is in use, the greater the opportunity for someone to g...
V-254447 The built-in administrator account is a well-known account subject to attack....
V-205909 The built-in administrator account is a well-known account subject to attack....
V-253435 The built-in administrator account is a well-known account subject to attack....
V-220911 The built-in administrator account is a well-known account subject to attack....
V-254291 Information systems not protected with strong password schemes (including pas...
V-205662 Information systems not protected with strong password schemes (including pas...
V-253303 Information systems not protected with strong password schemes (including pas...
V-220745 Information systems not protected with strong password schemes (including pas...
V-254290 Permitting passwords to be changed in immediate succession within the same da...
V-205656 Permitting passwords to be changed in immediate succession within the same da...
V-253302 Permitting passwords to be changed in immediate succession within the same da...
V-220744 Permitting passwords to be changed in immediate succession within the same da...
V-253385 Some features may communicate with the vendor, sending system information or ...
V-220826 Some features may communicate with the vendor, sending system information or ...
V-254351 Some features may communicate with the vendor, sending system information or ...
V-205691 Some features may communicate with the vendor, sending system information or ...
V-254448 The built-in guest account is a well-known user account on all Windows system...
V-205910 The built-in guest account is a well-known user account on all Windows system...
V-220912 The built-in guest account is a well-known user account on all Windows system...
V-253436 The built-in guest account is a well-known user account on all Windows system...
V-254424 Inappropriate granting of user rights can provide system, administrative, and...
V-254438 Inappropriate granting of user rights can provide system, administrative, and...
V-205670 Inappropriate granting of user rights can provide system, administrative, and...
V-205675 Inappropriate granting of user rights can provide system, administrative, and...
V-220971 Inappropriate granting of user rights can provide system, administrative, and...
V-253494 Inappropriate granting of user rights can provide system, administrative, and...
V-254440 Inappropriate granting of user rights can provide system, administrative, and...
V-205748 Inappropriate granting of user rights can provide system, administrative, and...
V-220973 Inappropriate granting of user rights can provide system, administrative, and...
V-253496 Inappropriate granting of user rights can provide system, administrative, and...
V-254426 Inappropriate granting of user rights can provide system, administrative, and...
V-205745 Inappropriate granting of user rights can provide system, administrative, and...
V-205908 An account without a password can allow unauthorized access to a system as on...
V-254446 An account without a password can allow unauthorized access to a system as on...
V-220910 An account without a password can allow unauthorized access to a system as on...
V-253434 An account without a password can allow unauthorized access to a system as on...
V-254429 A compromised local administrator account can provide means for an attacker t...
V-205715 A compromised local administrator account can provide means for an attacker t...
V-253357 A compromised local administrator account can provide means for an attacker t...
V-220799 A compromised local administrator account can provide means for an attacker t...
V-253432 The built-in administrator account is a well-known account subject to attack....
V-220908 The built-in administrator account is a well-known account subject to attack....
V-254445 A system faces an increased vulnerability threat if the built-in guest accoun...
V-205709 A system faces an increased vulnerability threat if the built-in guest accoun...
V-253433 A system faces an increased vulnerability threat if the built-in guest accoun...
V-220909 A system faces an increased vulnerability threat if the built-in guest accoun...
V-254250 The ability to set access permissions and auditing is critical to maintaining...
V-205663 The ability to set access permissions and auditing is critical to maintaining...
V-253265 The ability to set access permissions and auditing is critical to maintaining...
V-220708 The ability to set access permissions and auditing is critical to maintaining...
V-254372 Indexing of encrypted files may expose sensitive data. This setting prevents ...
V-205694 Indexing of encrypted files may expose sensitive data. This setting prevents ...
V-253409 Indexing of encrypted files may expose sensitive data. This setting prevents ...
V-220855 Indexing of encrypted files may expose sensitive data. This setting prevents ...
V-254494 Inappropriate granting of user rights can provide system, administrative, and...
V-253483 Inappropriate granting of user rights can provide system, administrative, and...
V-220960 Inappropriate granting of user rights can provide system, administrative, and...
V-254317 Maintaining an audit trail of system activity logs can help identify configur...
V-205840 Maintaining an audit trail of system activity logs can help identify configur...
V-253324 Maintaining an audit trail of system activity logs can help identify configur...
V-220766 Maintaining an audit trail of system activity logs can help identify configur...
V-254285 The account lockout feature, when enabled, prevents brute-force password atta...
V-205795 The account lockout feature, when enabled, prevents brute-force password atta...
V-253297 The account lockout feature, when enabled, prevents brute-force password atta...
V-220739 The account lockout feature, when enabled, prevents brute-force password atta...
V-254342 An exportable version of credentials is provided to remote hosts when using c...
V-205863 An exportable version of credentials is provided to remote hosts when using c...
V-253368 An exportable version of credentials is provided to remote hosts when using c...
V-220810 An exportable version of credentials is provided to remote hosts when using c...
V-254376 Windows can be configured to automatically sign the user back in after a Wind...
V-205925 Windows can be configured to automatically sign the user back in after a Wind...
V-253413 Windows can be configured to automatically sign the user back in after a Wind...
V-220859 Windows can be configured to automatically sign the user back in after a Wind...
V-260469 A locally logged-on user who presses Ctrl-Alt-Delete, when at the console, ca...
V-254292 The use of complex passwords increases their strength against attack. The bui...
V-205652 The use of complex passwords increases their strength against attack. The bui...
V-253304 The use of complex passwords increases their strength against guessing and br...
V-260650 Use of weak or untested encryption algorithms undermines the purposes of util...
V-220746 The use of complex passwords increases their strength against guessing and br...
V-254287 The account lockout feature, when enabled, prevents brute-force password atta...
V-205630 The account lockout feature, when enabled, prevents brute-force password atta...
V-253299 The account lockout feature, when enabled, prevents brute-force password atta...
V-220741 The account lockout feature, when enabled, prevents brute-force password atta...
V-254257 The lack of password protection enables anyone to gain access to the informat...
V-205700 The lack of password protection enables anyone to gain access to the informat...
V-254293 Storing passwords using reversible encryption is essentially the same as stor...
V-205653 Storing passwords using reversible encryption is essentially the same as stor...
V-253305 Storing passwords using reversible encryption is essentially the same as stor...
V-220747 Storing passwords using reversible encryption is essentially the same as stor...
V-254453 Computer account passwords are changed automatically on a regular basis. Disa...
V-205815 Computer account passwords are changed automatically on a regular basis. Disa...
V-253441 Computer account passwords are changed automatically on a regular basis. Disa...
V-220917 Computer account passwords are changed automatically on a regular basis. Disa...
V-254286 The account lockout feature, when enabled, prevents brute-force password atta...
V-205629 The account lockout feature, when enabled, prevents brute-force password atta...
V-253298 The account lockout feature, when enabled, prevents brute-force password atta...
V-220740 The account lockout feature, when enabled, prevents brute-force password atta...
V-254483 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-205716 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-254482 UAC is a security mechanism for limiting the elevation of privileges, includi...
V-205811 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-253468 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-220944 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-254485 UAC is a security mechanism for limiting the elevation of privileges, includi...
V-205812 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-253471 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-220947 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-254488 UAC is a security mechanism for limiting the elevation of privileges, includi...
V-205813 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-253474 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-220950 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-254486 UAC is a security mechanism for limiting the elevation of privileges, includi...
V-205718 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-253472 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-220948 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-254489 UAC is a security mechanism for limiting the elevation of privileges, includi...
V-205720 UAC is a security mechanism for limiting the elevation of privileges, includi...
V-253475 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-220951 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-254484 UAC is a security mechanism for limiting the elevation of privileges, includi...
V-205717 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-253469 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-220945 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-254487 UAC is a security mechanism for limiting the elevation of privileges, includi...
V-205719 UAC is a security mechanism for limiting the elevation of privileges, includi...
V-253473 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-220949 User Account Control (UAC) is a security mechanism for limiting the elevation...
V-254349 A system that does not require authentication when resuming from sleep may pr...
V-205867 A system that does not require authentication when resuming from sleep may pr...
V-253380 Authentication must always be required when accessing a system. This setting ...
V-220821 Authentication must always be required when accessing a system. This setting ...
V-254350 A system that does not require authentication when resuming from sleep may pr...
V-205868 A system that does not require authentication when resuming from sleep may pr...
V-253381 Authentication must always be required when accessing a system. This setting ...
V-220822 Authentication must always be required when accessing a system. This setting ...
V-254479 If the private key is discovered, an attacker can use the key to authenticate...
V-205651 If the private key is discovered, an attacker can use the key to authenticate...
V-254341 Maintaining an audit trail of system activity logs can help identify configur...
V-205638 Maintaining an audit trail of system activity logs can help identify configur...
V-220809 Maintaining an audit trail of system activity logs can help identify configur...
V-253367 Maintaining an audit trail of system activity logs can help identify configur...
V-254299 Protecting audit information also includes identifying and protecting the too...
V-205731 Protecting audit information also includes identifying and protecting the too...
V-254358 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-205796 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-253337 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-220779 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-254359 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-205797 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-253338 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-220780 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-254360 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-205798 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-253339 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-220781 Inadequate log size will cause the log to fill up quickly. This may prevent a...
V-254449 Maintaining an audit trail of system activity logs can help identify configur...
V-205644 Maintaining an audit trail of system activity logs can help identify configur...
V-253437 Maintaining an audit trail of system activity logs can help identify configur...
V-220913 Maintaining an audit trail of system activity logs can help identify configur...
V-254297 Maintaining an audit trail of system activity logs can help identify configur...
V-205641 Maintaining an audit trail of system activity logs can help identify configur...
V-253341 Maintaining an audit trail of system activity logs can help identify configur...
V-220783 Maintaining an audit trail of system activity logs can help identify configur...
V-254298 Maintaining an audit trail of system activity logs can help identify configur...
V-205642 Maintaining an audit trail of system activity logs can help identify configur...
V-253342 Maintaining an audit trail of system activity logs can help identify configur...
V-220784 Maintaining an audit trail of system activity logs can help identify configur...
V-254352 Allowing AutoPlay to execute may introduce malicious code to a system. AutoPl...
V-205804 Allowing AutoPlay to execute may introduce malicious code to a system. AutoPl...
V-253386 Allowing autoplay to execute may introduce malicious code to a system. Autopl...
V-220827 Allowing autoplay to execute may introduce malicious code to a system. Autopl...
V-254354 Allowing AutoPlay to execute may introduce malicious code to a system. AutoPl...
V-205806 Allowing AutoPlay to execute may introduce malicious code to a system. AutoPl...
V-253388 Allowing autoplay to execute may introduce malicious code to a system. Autopl...
V-220829 Allowing autoplay to execute may introduce malicious code to a system. Autopl...
V-254353 Allowing AutoRun commands to execute may introduce malicious code to a system...
V-205805 Allowing AutoRun commands to execute may introduce malicious code to a system...
V-253387 Allowing autorun commands to execute may introduce malicious code to a system...
V-220828 Allowing autorun commands to execute may introduce malicious code to a system...
V-205624 If temporary user accounts remain active when no longer needed or for an exce...
V-254334 When the WDigest Authentication protocol is enabled, plain-text passwords are...
V-205687 When the WDigest Authentication protocol is enabled, plain-text passwords are...
V-253358 When the WDigest Authentication protocol is enabled, plain text passwords are...
V-220800 When the WDigest Authentication protocol is enabled, plain text passwords are...
V-254500 Inappropriate granting of user rights can provide system, administrative, and...
V-205757 Inappropriate granting of user rights can provide system, administrative, and...
V-253490 Inappropriate granting of user rights can provide system, administrative, and...
V-220967 Inappropriate granting of user rights can provide system, administrative, and...
V-254417 WN22-DC-000330
V-205876 Enabling this setting on all domain controllers in a domain prevents domain m...
V-254416 Unsigned network traffic is susceptible to man-in-the-middle attacks, where a...
V-205820 Unsigned network traffic is susceptible to man-in-the-middle attacks, where a...
V-254391 Improper access permissions for directory data-related files could allow unau...
V-254392 Improper access permissions for directory data files could allow unauthorized...
V-205740 Improper access permissions for directory data files could allow unauthorized...
V-254427 The krbtgt account acts as a service account for the Kerberos Key Distributio...
V-205877 The krbtgt account acts as a service account for the Kerberos Key Distributio...
V-254441 Credential Guard uses virtualization-based security to protect data that coul...
V-205907 Credential Guard uses virtualization-based security to protect data that coul...
V-253370 Credential Guard uses virtualization-based security to protect information th...
V-220812 Credential Guard uses virtualization based security to protect information th...
V-253447 The default Windows configuration caches the last logon credentials for users...
V-220923 The default Windows configuration caches the last logon credentials for users...
V-254432 The default Windows configuration caches the last logon credentials for users...
V-205906 The default Windows configuration caches the last logon credentials for users...
V-254450 Requests sent on the secure channel are authenticated, and sensitive informat...
V-205821 Requests sent on the secure channel are authenticated, and sensitive informat...
V-254451 Requests sent on the secure channel are authenticated, and sensitive informat...
V-205822 Requests sent on the secure channel are authenticated, and sensitive informat...
V-254452 Requests sent on the secure channel are authenticated, and sensitive informat...
V-205823 Requests sent on the secure channel are authenticated, and sensitive informat...
V-254345 Registry entries for group policy settings can potentially be changed from th...
V-205866 Registry entries for group policy settings can potentially be changed from th...
V-253373 Enabling this setting and then selecting the "Process even if the Group ...
V-220814 Enabling this setting and then selecting the "Process even if the Group ...
V-254340 Additional security requirements are applied to UNC paths specified in harden...
V-205862 Additional security requirements are applied to UNC paths specified in harden...
V-253362 Additional security requirements are applied to Universal Naming Convention (...
V-250319 Additional security requirements are applied to Universal Naming Convention (...
V-254430 The username is one part of logon credentials that could be used to gain acce...
V-205696 The username is one part of logon credentials that could be used to gain acce...
V-253379 The username is one part of logon credentials that could be used to gain acce...
V-220820 The username is one part of logon credentials that could be used to gain acce...
V-254454 Computer account passwords are changed automatically on a regular basis. This...
V-205911 Computer account passwords are changed automatically on a regular basis. This...
V-253442 Computer account passwords are changed automatically on a regular basis. This...
V-220918 Computer account passwords are changed automatically on a regular basis. This...
V-254476 This setting controls the signing requirements for LDAP clients. This must be...
V-205920 This setting controls the signing requirements for LDAP clients. This must be...
V-253463 This setting controls the signing requirements for LDAP clients. This setting...
V-220939 This setting controls the signing requirements for LDAP clients. This setting...
V-253284 Attackers are constantly looking for vulnerabilities in systems and applicati...
V-220727 Attackers are constantly looking for vulnerabilities in systems and applicati...
V-254364 The shell protocol will limit the set of folders that applications can open w...
V-205872 The shell protocol will limit the set of folders that applications can open w...
V-253398 The shell protocol will limit the set of folders applications can open when r...
V-220839 The shell protocol will limit the set of folders applications can open when r...
V-254248 Malicious software can establish a base on individual desktops and servers. E...
V-205850 Malicious software can establish a base on individual desktops and servers. E...
V-253264 Malicious software can establish a base on individual desktops and servers. E...
V-220707 Malicious software can establish a base on individual desktops and servers. E...
V-254346 Some features may communicate with the vendor, sending system information or ...
V-205688 Some features may communicate with the vendor, sending system information or ...
V-253374 Some features may communicate with the vendor, sending system information or ...
V-220815 Some features may communicate with the vendor, sending system information or ...
V-254344 Compromised boot drivers can introduce malware prior to protection mechanisms...
V-205865 Compromised boot drivers can introduce malware prior to protection mechanisms...
V-253372 The default behavior is for Early Launch Antimalware - Boot-Start Driver Init...
V-220813 By being launched first by the kernel, ELAM ( Early Launch Antimalware) is en...
V-253275 IIS is not installed by default. Installation of Internet Information System ...
V-220718 Installation of Internet Information System (IIS) may allow unauthorized inte...
V-254456 Unattended systems are susceptible to unauthorized use and must be locked whe...
V-205633 Unattended systems are susceptible to unauthorized use and should be locked w...
V-253444 Unattended systems are susceptible to unauthorized use and must be locked whe...
V-220920 Unattended systems are susceptible to unauthorized use and should be locked w...
V-254347 Some features may communicate with the vendor, sending system information or ...
V-205689 Some features may communicate with the vendor, sending system information or ...
V-253376 Some features may communicate with the vendor, sending system information or ...
V-220817 Some features may communicate with the vendor, sending system information or ...
V-253382 Remote assistance allows another user to view or take control of the local se...
V-220823 Remote assistance allows another user to view or take control of the local se...
V-253395 Microsoft Defender SmartScreen helps protect systems from programs downloaded...
V-220836 Windows Defender SmartScreen helps protect systems from programs downloaded f...
V-254361 Microsoft Defender antivirus SmartScreen helps protect systems from programs ...
V-205692 Windows Defender SmartScreen helps protect systems from programs downloaded f...
V-254333 Slide shows that are displayed on the lock screen could display sensitive inf...
V-205686 Slide shows that are displayed on the lock screen could display sensitive inf...
V-254265 A firewall provides a line of defense against attack, allowing or blocking in...
V-253281 A firewall provides a line of defense against attack, allowing or blocking in...
V-220724 A firewall provides a line of defense against attack, allowing or blocking in...
V-214936 A firewall provides a line of defense against attack, allowing or blocking in...
V-254371 Basic authentication uses plain-text passwords that could be used to compromi...
V-205693 Basic authentication uses plain-text passwords that could be used to compromi...
V-253408 Basic authentication uses plain text passwords that could be used to compromi...
V-220854 Basic authentication uses plain text passwords that could be used to compromi...
V-223079 This policy setting allows you to manage whether Internet Explorer checks for...
V-223077 This policy setting determines whether Internet Explorer 11 uses 64-bit proce...
V-254348 Enabling interaction with the network selection UI allows users to change con...
V-205690 Enabling interaction with the network selection UI allows users to change con...
V-253378 Enabling interaction with the network selection UI allows users to change con...
V-220819 Enabling interaction with the network selection UI allows users to change con...
V-254370 Attachments from RSS feeds may not be secure. This setting will prevent attac...
V-205873 Attachments from RSS feeds may not be secure. This setting will prevent attac...
V-253407 Attachments from RSS feeds may not be secure. This setting will prevent attac...
V-220853 Attachments from RSS feeds may not be secure. This setting will prevent attac...
V-254457 Failure to display the logon banner prior to a logon attempt will negate lega...
V-253445 Failure to display the logon banner prior to a logon attempt will negate lega...
V-205631 Failure to display the logon banner prior to a logon attempt will negate lega...
V-220921 Failure to display the logon banner prior to a logon attempt will negate lega...
V-220844 The Windows Defender SmartScreen filter in Microsoft Edge provides warning me...
V-220841 The Windows Defender SmartScreen filter in Microsoft Edge provides warning me...
V-220840 The Windows Defender SmartScreen filter in Microsoft Edge provides warning me...
V-254466 Anonymous enumeration of SAM accounts allows anonymous logon users (null sess...
V-205914 Anonymous enumeration of SAM accounts allows anonymous logon users (null sess...
V-253453 Anonymous enumeration of SAM accounts allows anonymous log on users (null ses...
V-220929 Anonymous enumeration of SAM accounts allows anonymous log on users (null ses...
V-254467 Allowing anonymous logon users (null session connections) to list all account...
V-205724 Allowing anonymous logon users (null session connections) to list all account...
V-253454 Allowing anonymous logon users (null session connections) to list all account...
V-220930 Allowing anonymous logon users (null session connections) to list all account...
V-254339 Insecure guest logons allow unauthenticated access to shared folders. Shared ...
V-205861 Insecure guest logons allow unauthenticated access to shared folders. Shared ...
V-253360 Insecure guest logons allow unauthenticated access to shared folders. Shared ...
V-220802 Insecure guest logons allow unauthenticated access to shared folders. Shared ...
V-254473 Certain encryption types are no longer considered secure. The DES and RC4 enc...
V-205708 Certain encryption types are no longer considered secure. The DES and RC4 enc...
V-253460 Certain encryption types are no longer considered secure. This setting config...
V-220936 Certain encryption types are no longer considered secure. This setting config...
V-254460 The server message block (SMB) protocol provides the basis for many network o...
V-205825 The server message block (SMB) protocol provides the basis for many network o...
V-254475 The Kerberos v5 authentication protocol is the default for authentication of ...
V-205919 The Kerberos v5 authentication protocol is the default for authentication of ...
V-253462 The Kerberos v5 authentication protocol is the default for authentication of ...
V-220938 The Kerberos v5 authentication protocol is the default for authentication of ...
V-254461 The server message block (SMB) protocol provides the basis for many network o...
V-205826 The server message block (SMB) protocol provides the basis for many network o...
V-254463 The server message block (SMB) protocol provides the basis for many network o...
V-205827 The server message block (SMB) protocol provides the basis for many network o...
V-254464 The server message block (SMB) protocol provides the basis for many network o...
V-205828 The server message block (SMB) protocol provides the basis for many network o...
V-254468 Access by anonymous users must be restricted. If this setting is enabled, ano...
V-205915 Access by anonymous users must be restricted. If this setting is enabled, ano...
V-253455 Access by anonymous users must be restricted. If this setting is enabled, the...
V-220937 The LAN Manager hash uses a weak encryption algorithm and there are several t...
V-254277 SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
V-205684 SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
V-253288 SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
V-220731 SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
V-254276 SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
V-205683 SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
V-253287 SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
V-220730 SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
V-254471 NTLM sessions that are allowed to fall back to Null (unauthenticated) session...
V-205917 NTLM sessions that are allowed to fall back to Null (unauthenticated) session...
V-253458 NTLM sessions that are allowed to fall back to Null (unauthenticated) session...
V-220934 NTLM sessions that are allowed to fall back to Null (unauthenticated) session...
V-254469 Allowing anonymous access to named pipes or shares provides the potential for...
V-205725 Allowing anonymous access to named pipes or shares provides the potential for...
V-253456 Allowing anonymous access to named pipes or shares provides the potential for...
V-220932 Allowing anonymous access to named pipes or shares provides the potential for...
V-254433 The Windows SAM stores users' passwords. Restricting Remote Procedure Call (R...
V-205747 The Windows SAM stores users' passwords. Restricting Remote Procedure Call (R...
V-253457 The Windows SAM stores users' passwords. Restricting remote rpc connections t...
V-220933 The Windows SAM stores users' passwords. Restricting remote rpc connections t...
V-254470 Services using Local System that use Negotiate when reverting to NTLM authent...
V-205916 Services using Local System that use Negotiate when reverting to NTLM authent...
V-254477 Microsoft has implemented a variety of security support providers for use wit...
V-205921 Microsoft has implemented a variety of security support providers for use wit...
V-254478 Microsoft has implemented a variety of security support providers for use wit...
V-205922 Microsoft has implemented a variety of security support providers for use wit...
V-254462 Some non-Microsoft SMB servers only support unencrypted (plain-text) password...
V-205655 Some non-Microsoft SMB servers only support unencrypted (plain-text) password...
V-253450 Some non-Microsoft SMB servers only support unencrypted (plain text) password...
V-220926 Some non-Microsoft SMB servers only support unencrypted (plain text) password...
V-254275 SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
V-205682 SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
V-254335 Configuring the system to disable IPv6 source routing protects against spoofing.
V-205858 Configuring the system to disable IPv6 source routing protects against spoofing.
V-253353 Configuring the system to disable IPv6 source routing protects against spoofing.
V-220795 Configuring the system to disable IPv6 source routing protects against spoofing.
V-254272 Unnecessary services increase the attack surface of a system. Some of these s...
V-205680 Unnecessary services increase the attack surface of a system. Some of these s...
V-253277 "Simple TCP/IP Services" is not installed by default. Some protocols and serv...
V-220720 Some protocols and services do not support required security features, such a...
V-254336 Configuring the system to disable IP source routing protects against spoofing.
V-205859 Configuring the system to disable IP source routing protects against spoofing.
V-254288 A system is more vulnerable to unauthorized access when system users recycle ...
V-205660 A system is more vulnerable to unauthorized access when system users recycle ...
V-253300 A system is more vulnerable to unauthorized access when system users recycle ...
V-220742 A system is more vulnerable to unauthorized access when system users recycle ...
V-254258 Passwords that do not expire or are reused increase the exposure of a passwor...
V-205658 Passwords that do not expire or are reused increase the exposure of a passwor...
V-253273 Passwords that do not expire increase exposure with a greater probability of ...
V-220716 Passwords that do not expire increase exposure with a greater probability of ...
V-254474 The LAN Manager hash uses a weak encryption algorithm and there are several t...
V-205654 The LAN Manager hash uses a weak encryption algorithm and there are several t...
V-253461 The LAN Manager hash uses a weak encryption algorithm and there are several t...
V-254377 Maintaining an audit trail of system activity logs can help identify configur...
V-205639 Maintaining an audit trail of system activity logs can help identify configur...
V-253414 Maintaining an audit trail of system activity logs can help identify configur...
V-220860 Maintaining an audit trail of system activity logs can help identify configur...
V-254278 Windows PowerShell 5.x added advanced logging features that can provide addit...
V-205685 Windows PowerShell 5.x added advanced logging features that can provide addit...
V-253285 Windows PowerShell 5.0 added advanced logging features which can provide addi...
V-220728 Windows PowerShell 5.0 added advanced logging features which can provide addi...
V-205869 Some features may communicate with the vendor, sending system information or ...
V-253393 Some features may communicate with the vendor, sending system information or ...
V-220834 Some features may communicate with the vendor, sending system information or ...
V-254367 This setting controls the ability of users to supply passwords automatically ...
V-205809 This setting controls the ability of users to supply passwords automatically ...
V-253404 This setting controls the ability of users to supply passwords automatically ...
V-220850 This setting controls the ability of users to supply passwords automatically ...
V-254369 Remote connections must be encrypted to prevent interception of data or sensi...
V-205637 Remote connections must be encrypted to prevent interception of data or sensi...
V-253406 Remote connections must be encrypted to prevent interception of data or sensi...
V-220852 Remote connections must be encrypted to prevent interception of data or sensi...
V-260469 A locally logged-on user who presses Ctrl-Alt-Delete, when at the console, ...
V-260470 To mitigate the risk of unauthorized access to sensitive information by ent...
V-260471 If auditing is enabled late in the startup process, the actions of some sta...
V-260472 Restricting access to the kernel message buffer limits access only to root....
V-260473 Kernel core dumps may contain the full contents of system memory at the tim...
V-260474 Some adversaries launch attacks with the intent of executing code in nonexe...
V-260475 Some adversaries launch attacks with the intent of executing code in nonexe...
V-260476 Changes to any software components can have significant effects on the over...
V-260477 Previous versions of software components that are not removed from the info...
V-260478 Use of a complex password helps to increase the time and resources required...
V-260479 Inaccurate time stamps make it more difficult to correlate events and can l...
V-260480 Inaccurate time stamps make it more difficult to correlate events and can l...
V-260481 Inaccurate time stamps make it more difficult to correlate events and can l...
V-260482 It is detrimental for operating systems to provide, or install by default, ...
V-260483 It is detrimental for operating systems to provide, or install by default, ...
V-260484 Operating systems handling data requiring "data at rest" protections must e...
V-260485 Protecting audit information also includes identifying and protecting the t...
V-260486 If Ubuntu 22.04 LTS were to allow any user to make changes to software libr...
V-260487 If the operating system were to allow any user to make changes to software ...
V-260488 Only authorized personnel should be aware of errors and the details of the ...
V-260489 Any operating system providing too much information in error messages risks...
V-260490 Any operating system providing too much information in error messages risks...
V-260491 Only authorized personnel should be aware of errors and the details of the ...
V-260492 Protecting audit information also includes identifying and protecting the t...
V-260493 Protecting audit information also includes identifying and protecting the t...
V-260494 Protecting audit information also includes identifying and protecting the t...
V-260495 If Ubuntu 22.04 LTS were to allow any user to make changes to software libr...
V-260496 If Ubuntu 22.04 LTS were to allow any user to make changes to software libr...
V-260497 If the operating system were to allow any user to make changes to software ...
V-260498 If the operating system were to allow any user to make changes to software ...
V-260499 If the operating system were to allow any user to make changes to software ...
V-260500 If the operating system were to allow any user to make changes to software ...
V-260501 Only authorized personnel should be aware of errors and the details of the ...
V-260502 Only authorized personnel should be aware of errors and the details of the ...
V-260503 Only authorized personnel should be aware of errors and the details of the ...
V-260504 Only authorized personnel should be aware of errors and the details of the ...
V-260505 Only authorized personnel should be aware of errors and the details of the ...
V-260506 Only authorized personnel should be aware of errors and the details of the ...
V-260507 Protecting audit information also includes identifying and protecting the t...
V-260508 Only authorized personnel should be aware of errors and the details of the ...
V-260509 Only authorized personnel should be aware of errors and the details of the ...
V-260510 Only authorized personnel should be aware of errors and the details of the ...
V-260511 Only authorized personnel should be aware of errors and the details of the ...
V-260512 Any operating system providing too much information in error messages risks...
V-260513 Preventing unauthorized information transfers mitigates the risk of informa...
V-260514 Remote access services, such as those providing remote access to network de...
V-260515 Remote access services, such as those providing remote access to network de...
V-260516 Firewalls protect computers from network attacks by blocking or limiting ac...
V-260517 Denial of service (DoS) is a condition when a resource is not available for...
V-260518 To prevent unauthorized connection of devices, unauthorized transfer of inf...
V-260519 Inaccurate time stamps make it more difficult to correlate events and can l...
V-260520 Inaccurate time stamps make it more difficult to correlate events and can l...
V-260521 If time stamps are not consistently applied and there is no common time ref...
V-260522 DoS is a condition when a resource is not available for legitimate users. W...
V-260523 Without protection of the transmitted information, confidentiality and inte...
V-260524 Without protection of the transmitted information, confidentiality and inte...
V-260533 Without cryptographic integrity protections provided by FIPS-validated cryp...
V-260534 Nonlocal maintenance and diagnostic activities are those activities conduct...
V-260537 A session lock is a temporary action taken when a user stops work and moves...
V-260538 A session lock is a temporary action taken when a user stops work and moves...
V-260539 A locally logged-on user who presses Ctrl-Alt-Delete, when at the console, ...
V-260540 Without authenticating devices, unidentified or unknown devices may be intr...
V-260541 Without protection of communications with wireless peripherals, confidentia...
V-260542 To ensure individual accountability and prevent unauthorized access, organi...
V-260543 To ensure accountability and prevent unauthenticated access, organizational...
V-260545 Enforcing a minimum password lifetime helps to prevent repeated password ch...
V-260546 Any password, no matter how complex, can eventually be cracked. Therefore, ...
V-260547 Inactive identifiers pose a risk to systems and applications because attack...
V-260535 Display of a standardized and approved use notification before granting acc...
V-260548 Temporary accounts are privileged or nonprivileged accounts established dur...
V-260549 By limiting the number of failed logon attempts, the risk of unauthorized s...
V-260550 Limiting the number of logon attempts over a certain time interval reduces ...
V-260552 Ubuntu 22.04 LTS management includes the ability to control the number of u...
V-260553 A session lock is a temporary action taken when a user stops work and moves...
V-260554 Terminating an idle interactive command shell user session within a short t...
V-260535 Display of a standardized and approved use notification before granting acc...
V-260536 Display of a standardized and approved use notification before granting acc...
V-260555 Setting the most restrictive default permissions ensures newly created acco...
V-260556 Control of program execution is a mechanism used to prevent execution of un...
V-260557 Control of program execution is a mechanism used to prevent execution of un...
V-260558 Without reauthentication, users may access resources or perform tasks for w...
V-260559 An isolation boundary provides access control and protects the integrity of...
V-260560 Use of a complex password helps to increase the time and resources required...
V-260561 Use of a complex password helps to increase the time and resources required...
V-260562 Use of a complex password helps to increase the time and resources required...
V-260563 Use of a complex password helps to increase the time and resources required...
V-260564 If Ubuntu 22.04 LTS allows the user to select passwords based on dictionary...
V-260565 The shorter the password, the lower the number of possible combinations tha...
V-260566 If the operating system allows the user to consecutively reuse extensive po...
V-260567 Use of a complex password helps to increase the time and resources required...
V-260569 Password complexity, or strength, is a measure of the effectiveness of a pa...
V-260570 If an account has an empty password, anyone could log on and run commands w...
V-260571 If an account has an empty password, anyone could log on and run commands w...
V-260572 Passwords need to be protected at all times, and encryption is the standard...
V-260573 Using an authentication device, such as a CAC or token separate from the in...
V-260574 The use of PIV credentials facilitates standardization and reduces the risk...
V-260575 Without the use of multifactor authentication, the ease of access to privil...
V-260576 The use of PIV credentials facilitates standardization and reduces the risk...
V-260577 Without path validation, an informed trust decision by the relying party ca...
V-260578 Without configuring a local cache of revocation data, there is the potentia...
V-260579 Without mapping the certificate used to authenticate to the user account, t...
V-260580 Untrusted certificate authorities (CA) can issue certificates, but they may...
V-260581 If cached authentication information is out-of-date, the validity of the au...
V-260582 Without verification of the security functions, security functions may not ...
V-260583 Without verification of the security functions, security functions may not ...
V-260584 Unauthorized changes to the baseline configuration could make the system vu...
V-260585 Without verification of the security functions, security functions may not ...
V-260586 Protecting the integrity of the tools used for auditing purposes is a criti...
V-260587 Information stored in one location is vulnerable to accidental or incidenta...
V-260588 Failure to a known state can address safety or security in accordance with ...
V-260589 Remote access services, such as those providing remote access to network de...
V-260590 Without establishing the when, where, type, source, and outcome of events t...
V-260591 Without establishing the when, where, type, source, and outcome of events t...
V-260592 Information stored in one location is vulnerable to accidental or incidenta...
V-260593 It is critical for the appropriate personnel to be aware if a system is at ...
V-260594 It is critical that when the operating system is at risk of failing to proc...
V-260595 To ensure operating systems have a sufficient storage capacity in which to ...
V-260596 If security personnel are not notified immediately when storage volume reac...
V-260597 Unauthorized disclosure of audit records can reveal system and configuratio...
V-260598 Unauthorized disclosure of audit records can reveal system and configuratio...
V-260599 Unauthorized disclosure of audit records can reveal system and configuratio...
V-260600 If audit information were to become compromised, then forensic analysis and...
V-260601 Without the capability to restrict which roles and individuals can select w...
V-260602 Without the capability to restrict which roles and individuals can select w...
V-260603 Without the capability to restrict which roles and individuals can select w...
V-260604 Without generating audit records specific to the security and mission needs...
V-260605 Without generating audit records that are specific to the security and miss...
V-260606 Without generating audit records that are specific to the security and miss...
V-260607 Without generating audit records that are specific to the security and miss...
V-260608 Without generating audit records that are specific to the security and miss...
V-260609 Without generating audit records that are specific to the security and miss...
V-260610 Without generating audit records that are specific to the security and miss...
V-260611 Without generating audit records that are specific to the security and miss...
V-260612 Without generating audit records that are specific to the security and miss...
V-260613 Without generating audit records that are specific to the security and miss...
V-260613 Without generating audit records that are specific to the security and miss...
V-260614 Without generating audit records that are specific to the security and miss...
V-260615 Without generating audit records that are specific to the security and miss...
V-260616 Without generating audit records that are specific to the security and miss...
V-260617 Without generating audit records that are specific to the security and miss...
V-260618 Without generating audit records that are specific to the security and miss...
V-260619 Without generating audit records that are specific to the security and miss...
V-260620 Without generating audit records that are specific to the security and miss...
V-260621 Without generating audit records that are specific to the security and miss...
V-260622 Without generating audit records that are specific to the security and miss...
V-260623 Without generating audit records that are specific to the security and miss...
V-260624 Without generating audit records that are specific to the security and miss...
V-260625 Without generating audit records that are specific to the security and miss...
V-260626 Without generating audit records that are specific to the security and miss...
V-260627 Without generating audit records that are specific to the security and miss...
V-260628 Once an attacker establishes access to a system, the attacker often attempt...
V-260629 Once an attacker establishes access to a system, the attacker often attempt...
V-260630 Once an attacker establishes access to a system, the attacker often attempt...
V-260631 Once an attacker establishes access to a system, the attacker often attempt...
V-260632 Once an attacker establishes access to a system, the attacker often attempt...
V-260633 Without generating audit records specific to the security and mission needs...
V-260634 Without generating audit records specific to the security and mission needs...
V-260635 Without generating audit records specific to the security and mission needs...
V-260636 Without generating audit records specific to the security and mission needs...
V-260637 Without generating audit records that are specific to the security and miss...
V-260638 Without generating audit records specific to the security and mission needs...
V-260639 Without generating audit records specific to the security and mission needs...
V-260640 Once an attacker establishes access to a system, the attacker often attempt...
V-260641 Without generating audit records specific to the security and mission needs...
V-260642 Without generating audit records specific to the security and mission needs...
V-260643 Without generating audit records specific to the security and mission needs...
V-260644 Without generating audit records specific to the security and mission needs...
V-260645 Without generating audit records specific to the security and mission needs...
V-260646 Without generating audit records specific to the security and mission needs...
V-260647 Without generating audit records specific to the security and mission needs...
V-260648 In certain situations, software applications/programs need to execute with ...
V-260649 If events associated with nonlocal administrative access or diagnostic sess...
V-260650 Use of weak or untested encryption algorithms undermines the purposes of ut...
V-224819 Using a privileged account to perform routine functions makes the computer ...
V-254365 Saving passwords in the Remote Desktop Client could allow an unauthorized use...
V-205808 Saving passwords in the Remote Desktop Client could allow an unauthorized use...
V-253402 Saving passwords in the Remote Desktop Client could allow an unauthorized use...
V-220848 Saving passwords in the Remote Desktop Client could allow an unauthorized use...
V-254366 Preventing users from sharing the local drives on their client computers with...
V-205722 Preventing users from sharing the local drives on their client computers with...
V-224820 The longer a password is in use, the greater the opportunity for someone to...
V-224821 Using applications that access the Internet or have potential Internet sour...
V-224822 Backup Operators are able to read and write to any file in the system, rega...
V-224823 Application/service account passwords must be of sufficient length to preve...
V-224824 Setting application account passwords to expire may cause applications to s...
V-224825 Shared accounts (accounts where two or more people log on with the same use...
V-224826 Using an allowlist provides a configuration management method to allow the ...
V-224827 Credential Guard uses virtualization-based security to protect data that co...
V-224828 Systems at unsupported servicing levels will not receive security updates f...
V-224829 Malicious software can establish a base on individual desktops and servers....
V-224830 A properly configured Host-based Intrusion Detection System (HIDS) or Host-...
V-224831 The ability to set access permissions and auditing is critical to maintaini...
V-224832 Changing the system's file and directory permissions allows the possibility...
V-224833 Changing the system's file and directory permissions allows the possibility...
V-224834 Changing the system's file and directory permissions allows the possibility...
V-224835 The registry is integral to the function, security, and stability of the Wi...
V-224836 Windows shares are a means by which files, folders, printers, and other res...
V-224837 Outdated or unused accounts provide penetration points that may go undetect...
V-224838 The lack of password protection enables anyone to gain access to the inform...
V-224839 Passwords that do not expire or are reused increase the exposure of a passw...
V-224840 Monitoring system files for changes against a baseline on a regular basis m...
V-224841 Shares on a system provide network access. To prevent exposing sensitive in...
V-254368 Allowing unsecure RPC communication exposes the system to man-in-the-middle a...
V-205636 Allowing unsecure RPC communication exposes the system to man-in-the-middle a...
V-254431 Unauthenticated RPC clients may allow anonymous access to sensitive informati...
V-205814 Unauthenticated RPC clients may allow anonymous access to sensitive informati...
V-253383 Configuring RPC to restrict unauthenticated RPC clients from connecting to th...
V-220824 Configuring RPC to restrict unauthenticated RPC clients from connecting to th...