| Vulnerability ID |
Message |
|
V-254247
|
Systems at unsupported servicing levels will not receive security updates for...
|
|
V-205849
|
Systems at unsupported servicing levels will not receive security updates for...
|
|
V-253263
|
Windows 11 is maintained by Microsoft at servicing levels for specific period...
|
|
V-220706
|
Windows 10 is maintained by Microsoft at servicing levels for specific period...
|
|
V-254355
|
Enumeration of administrator accounts when elevating can provide part of the ...
|
|
V-205714
|
Enumeration of administrator accounts when elevating can provide part of the ...
|
|
V-253391
|
Enumeration of administrator accounts when elevating can provide part of the ...
|
|
V-220832
|
Enumeration of administrator accounts when elevating can provide part of the ...
|
|
V-205751
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-254289
|
The longer a password is in use, the greater the opportunity for someone to g...
|
|
V-205659
|
The longer a password is in use, the greater the opportunity for someone to g...
|
|
V-253301
|
The longer a password is in use, the greater the opportunity for someone to g...
|
|
V-220743
|
The longer a password is in use, the greater the opportunity for someone to g...
|
|
V-254447
|
The built-in administrator account is a well-known account subject to attack....
|
|
V-205909
|
The built-in administrator account is a well-known account subject to attack....
|
|
V-253435
|
The built-in administrator account is a well-known account subject to attack....
|
|
V-220911
|
The built-in administrator account is a well-known account subject to attack....
|
|
V-254291
|
Information systems not protected with strong password schemes (including pas...
|
|
V-205662
|
Information systems not protected with strong password schemes (including pas...
|
|
V-253303
|
Information systems not protected with strong password schemes (including pas...
|
|
V-220745
|
Information systems not protected with strong password schemes (including pas...
|
|
V-254290
|
Permitting passwords to be changed in immediate succession within the same da...
|
|
V-205656
|
Permitting passwords to be changed in immediate succession within the same da...
|
|
V-253302
|
Permitting passwords to be changed in immediate succession within the same da...
|
|
V-220744
|
Permitting passwords to be changed in immediate succession within the same da...
|
|
V-253385
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-220826
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-254351
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-205691
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-254448
|
The built-in guest account is a well-known user account on all Windows system...
|
|
V-205910
|
The built-in guest account is a well-known user account on all Windows system...
|
|
V-220912
|
The built-in guest account is a well-known user account on all Windows system...
|
|
V-253436
|
The built-in guest account is a well-known user account on all Windows system...
|
|
V-254424
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-254438
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-205670
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-205675
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-220971
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-253494
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-254440
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-205748
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-220973
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-253496
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-254426
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-205745
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-205908
|
An account without a password can allow unauthorized access to a system as on...
|
|
V-254446
|
An account without a password can allow unauthorized access to a system as on...
|
|
V-220910
|
An account without a password can allow unauthorized access to a system as on...
|
|
V-253434
|
An account without a password can allow unauthorized access to a system as on...
|
|
V-254429
|
A compromised local administrator account can provide means for an attacker t...
|
|
V-205715
|
A compromised local administrator account can provide means for an attacker t...
|
|
V-253357
|
A compromised local administrator account can provide means for an attacker t...
|
|
V-220799
|
A compromised local administrator account can provide means for an attacker t...
|
|
V-253432
|
The built-in administrator account is a well-known account subject to attack....
|
|
V-220908
|
The built-in administrator account is a well-known account subject to attack....
|
|
V-254445
|
A system faces an increased vulnerability threat if the built-in guest accoun...
|
|
V-205709
|
A system faces an increased vulnerability threat if the built-in guest accoun...
|
|
V-253433
|
A system faces an increased vulnerability threat if the built-in guest accoun...
|
|
V-220909
|
A system faces an increased vulnerability threat if the built-in guest accoun...
|
|
V-254250
|
The ability to set access permissions and auditing is critical to maintaining...
|
|
V-205663
|
The ability to set access permissions and auditing is critical to maintaining...
|
|
V-253265
|
The ability to set access permissions and auditing is critical to maintaining...
|
|
V-220708
|
The ability to set access permissions and auditing is critical to maintaining...
|
|
V-254372
|
Indexing of encrypted files may expose sensitive data. This setting prevents ...
|
|
V-205694
|
Indexing of encrypted files may expose sensitive data. This setting prevents ...
|
|
V-253409
|
Indexing of encrypted files may expose sensitive data. This setting prevents ...
|
|
V-220855
|
Indexing of encrypted files may expose sensitive data. This setting prevents ...
|
|
V-254494
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-253483
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-220960
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-254317
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-205840
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-253324
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-220766
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-254285
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-205795
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-253297
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-220739
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-254342
|
An exportable version of credentials is provided to remote hosts when using c...
|
|
V-205863
|
An exportable version of credentials is provided to remote hosts when using c...
|
|
V-253368
|
An exportable version of credentials is provided to remote hosts when using c...
|
|
V-220810
|
An exportable version of credentials is provided to remote hosts when using c...
|
|
V-254376
|
Windows can be configured to automatically sign the user back in after a Wind...
|
|
V-205925
|
Windows can be configured to automatically sign the user back in after a Wind...
|
|
V-253413
|
Windows can be configured to automatically sign the user back in after a Wind...
|
|
V-220859
|
Windows can be configured to automatically sign the user back in after a Wind...
|
|
V-260469
|
A locally logged-on user who presses Ctrl-Alt-Delete, when at the console, ca...
|
|
V-254292
|
The use of complex passwords increases their strength against attack. The bui...
|
|
V-205652
|
The use of complex passwords increases their strength against attack. The bui...
|
|
V-253304
|
The use of complex passwords increases their strength against guessing and br...
|
|
V-260650
|
Use of weak or untested encryption algorithms undermines the purposes of util...
|
|
V-220746
|
The use of complex passwords increases their strength against guessing and br...
|
|
V-254287
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-205630
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-253299
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-220741
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-254257
|
The lack of password protection enables anyone to gain access to the informat...
|
|
V-205700
|
The lack of password protection enables anyone to gain access to the informat...
|
|
V-254293
|
Storing passwords using reversible encryption is essentially the same as stor...
|
|
V-205653
|
Storing passwords using reversible encryption is essentially the same as stor...
|
|
V-253305
|
Storing passwords using reversible encryption is essentially the same as stor...
|
|
V-220747
|
Storing passwords using reversible encryption is essentially the same as stor...
|
|
V-254453
|
Computer account passwords are changed automatically on a regular basis. Disa...
|
|
V-205815
|
Computer account passwords are changed automatically on a regular basis. Disa...
|
|
V-253441
|
Computer account passwords are changed automatically on a regular basis. Disa...
|
|
V-220917
|
Computer account passwords are changed automatically on a regular basis. Disa...
|
|
V-254286
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-205629
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-253298
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-220740
|
The account lockout feature, when enabled, prevents brute-force password atta...
|
|
V-254483
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-205716
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-254482
|
UAC is a security mechanism for limiting the elevation of privileges, includi...
|
|
V-205811
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-253468
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-220944
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-254485
|
UAC is a security mechanism for limiting the elevation of privileges, includi...
|
|
V-205812
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-253471
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-220947
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-254488
|
UAC is a security mechanism for limiting the elevation of privileges, includi...
|
|
V-205813
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-253474
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-220950
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-254486
|
UAC is a security mechanism for limiting the elevation of privileges, includi...
|
|
V-205718
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-253472
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-220948
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-254489
|
UAC is a security mechanism for limiting the elevation of privileges, includi...
|
|
V-205720
|
UAC is a security mechanism for limiting the elevation of privileges, includi...
|
|
V-253475
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-220951
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-254484
|
UAC is a security mechanism for limiting the elevation of privileges, includi...
|
|
V-205717
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-253469
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-220945
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-254487
|
UAC is a security mechanism for limiting the elevation of privileges, includi...
|
|
V-205719
|
UAC is a security mechanism for limiting the elevation of privileges, includi...
|
|
V-253473
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-220949
|
User Account Control (UAC) is a security mechanism for limiting the elevation...
|
|
V-254349
|
A system that does not require authentication when resuming from sleep may pr...
|
|
V-205867
|
A system that does not require authentication when resuming from sleep may pr...
|
|
V-253380
|
Authentication must always be required when accessing a system. This setting ...
|
|
V-220821
|
Authentication must always be required when accessing a system. This setting ...
|
|
V-254350
|
A system that does not require authentication when resuming from sleep may pr...
|
|
V-205868
|
A system that does not require authentication when resuming from sleep may pr...
|
|
V-253381
|
Authentication must always be required when accessing a system. This setting ...
|
|
V-220822
|
Authentication must always be required when accessing a system. This setting ...
|
|
V-254479
|
If the private key is discovered, an attacker can use the key to authenticate...
|
|
V-205651
|
If the private key is discovered, an attacker can use the key to authenticate...
|
|
V-254341
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-205638
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-220809
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-253367
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-254299
|
Protecting audit information also includes identifying and protecting the too...
|
|
V-205731
|
Protecting audit information also includes identifying and protecting the too...
|
|
V-254358
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-205796
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-253337
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-220779
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-254359
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-205797
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-253338
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-220780
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-254360
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-205798
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-253339
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-220781
|
Inadequate log size will cause the log to fill up quickly. This may prevent a...
|
|
V-254449
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-205644
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-253437
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-220913
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-254297
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-205641
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-253341
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-220783
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-254298
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-205642
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-253342
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-220784
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-254352
|
Allowing AutoPlay to execute may introduce malicious code to a system. AutoPl...
|
|
V-205804
|
Allowing AutoPlay to execute may introduce malicious code to a system. AutoPl...
|
|
V-253386
|
Allowing autoplay to execute may introduce malicious code to a system. Autopl...
|
|
V-220827
|
Allowing autoplay to execute may introduce malicious code to a system. Autopl...
|
|
V-254354
|
Allowing AutoPlay to execute may introduce malicious code to a system. AutoPl...
|
|
V-205806
|
Allowing AutoPlay to execute may introduce malicious code to a system. AutoPl...
|
|
V-253388
|
Allowing autoplay to execute may introduce malicious code to a system. Autopl...
|
|
V-220829
|
Allowing autoplay to execute may introduce malicious code to a system. Autopl...
|
|
V-254353
|
Allowing AutoRun commands to execute may introduce malicious code to a system...
|
|
V-205805
|
Allowing AutoRun commands to execute may introduce malicious code to a system...
|
|
V-253387
|
Allowing autorun commands to execute may introduce malicious code to a system...
|
|
V-220828
|
Allowing autorun commands to execute may introduce malicious code to a system...
|
|
V-205624
|
If temporary user accounts remain active when no longer needed or for an exce...
|
|
V-254334
|
When the WDigest Authentication protocol is enabled, plain-text passwords are...
|
|
V-205687
|
When the WDigest Authentication protocol is enabled, plain-text passwords are...
|
|
V-253358
|
When the WDigest Authentication protocol is enabled, plain text passwords are...
|
|
V-220800
|
When the WDigest Authentication protocol is enabled, plain text passwords are...
|
|
V-254500
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-205757
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-253490
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-220967
|
Inappropriate granting of user rights can provide system, administrative, and...
|
|
V-254417
|
WN22-DC-000330
|
|
V-205876
|
Enabling this setting on all domain controllers in a domain prevents domain m...
|
|
V-254416
|
Unsigned network traffic is susceptible to man-in-the-middle attacks, where a...
|
|
V-205820
|
Unsigned network traffic is susceptible to man-in-the-middle attacks, where a...
|
|
V-254391
|
Improper access permissions for directory data-related files could allow unau...
|
|
V-254392
|
Improper access permissions for directory data files could allow unauthorized...
|
|
V-205740
|
Improper access permissions for directory data files could allow unauthorized...
|
|
V-254427
|
The krbtgt account acts as a service account for the Kerberos Key Distributio...
|
|
V-205877
|
The krbtgt account acts as a service account for the Kerberos Key Distributio...
|
|
V-254441
|
Credential Guard uses virtualization-based security to protect data that coul...
|
|
V-205907
|
Credential Guard uses virtualization-based security to protect data that coul...
|
|
V-253370
|
Credential Guard uses virtualization-based security to protect information th...
|
|
V-220812
|
Credential Guard uses virtualization based security to protect information th...
|
|
V-253447
|
The default Windows configuration caches the last logon credentials for users...
|
|
V-220923
|
The default Windows configuration caches the last logon credentials for users...
|
|
V-254432
|
The default Windows configuration caches the last logon credentials for users...
|
|
V-205906
|
The default Windows configuration caches the last logon credentials for users...
|
|
V-254450
|
Requests sent on the secure channel are authenticated, and sensitive informat...
|
|
V-205821
|
Requests sent on the secure channel are authenticated, and sensitive informat...
|
|
V-254451
|
Requests sent on the secure channel are authenticated, and sensitive informat...
|
|
V-205822
|
Requests sent on the secure channel are authenticated, and sensitive informat...
|
|
V-254452
|
Requests sent on the secure channel are authenticated, and sensitive informat...
|
|
V-205823
|
Requests sent on the secure channel are authenticated, and sensitive informat...
|
|
V-254345
|
Registry entries for group policy settings can potentially be changed from th...
|
|
V-205866
|
Registry entries for group policy settings can potentially be changed from th...
|
|
V-253373
|
Enabling this setting and then selecting the "Process even if the Group ...
|
|
V-220814
|
Enabling this setting and then selecting the "Process even if the Group ...
|
|
V-254340
|
Additional security requirements are applied to UNC paths specified in harden...
|
|
V-205862
|
Additional security requirements are applied to UNC paths specified in harden...
|
|
V-253362
|
Additional security requirements are applied to Universal Naming Convention (...
|
|
V-250319
|
Additional security requirements are applied to Universal Naming Convention (...
|
|
V-254430
|
The username is one part of logon credentials that could be used to gain acce...
|
|
V-205696
|
The username is one part of logon credentials that could be used to gain acce...
|
|
V-253379
|
The username is one part of logon credentials that could be used to gain acce...
|
|
V-220820
|
The username is one part of logon credentials that could be used to gain acce...
|
|
V-254454
|
Computer account passwords are changed automatically on a regular basis. This...
|
|
V-205911
|
Computer account passwords are changed automatically on a regular basis. This...
|
|
V-253442
|
Computer account passwords are changed automatically on a regular basis. This...
|
|
V-220918
|
Computer account passwords are changed automatically on a regular basis. This...
|
|
V-254476
|
This setting controls the signing requirements for LDAP clients. This must be...
|
|
V-205920
|
This setting controls the signing requirements for LDAP clients. This must be...
|
|
V-253463
|
This setting controls the signing requirements for LDAP clients. This setting...
|
|
V-220939
|
This setting controls the signing requirements for LDAP clients. This setting...
|
|
V-253284
|
Attackers are constantly looking for vulnerabilities in systems and applicati...
|
|
V-220727
|
Attackers are constantly looking for vulnerabilities in systems and applicati...
|
|
V-254364
|
The shell protocol will limit the set of folders that applications can open w...
|
|
V-205872
|
The shell protocol will limit the set of folders that applications can open w...
|
|
V-253398
|
The shell protocol will limit the set of folders applications can open when r...
|
|
V-220839
|
The shell protocol will limit the set of folders applications can open when r...
|
|
V-254248
|
Malicious software can establish a base on individual desktops and servers. E...
|
|
V-205850
|
Malicious software can establish a base on individual desktops and servers. E...
|
|
V-253264
|
Malicious software can establish a base on individual desktops and servers. E...
|
|
V-220707
|
Malicious software can establish a base on individual desktops and servers. E...
|
|
V-254346
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-205688
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-253374
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-220815
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-254344
|
Compromised boot drivers can introduce malware prior to protection mechanisms...
|
|
V-205865
|
Compromised boot drivers can introduce malware prior to protection mechanisms...
|
|
V-253372
|
The default behavior is for Early Launch Antimalware - Boot-Start Driver Init...
|
|
V-220813
|
By being launched first by the kernel, ELAM ( Early Launch Antimalware) is en...
|
|
V-253275
|
IIS is not installed by default. Installation of Internet Information System ...
|
|
V-220718
|
Installation of Internet Information System (IIS) may allow unauthorized inte...
|
|
V-254456
|
Unattended systems are susceptible to unauthorized use and must be locked whe...
|
|
V-205633
|
Unattended systems are susceptible to unauthorized use and should be locked w...
|
|
V-253444
|
Unattended systems are susceptible to unauthorized use and must be locked whe...
|
|
V-220920
|
Unattended systems are susceptible to unauthorized use and should be locked w...
|
|
V-254347
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-205689
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-253376
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-220817
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-253382
|
Remote assistance allows another user to view or take control of the local se...
|
|
V-220823
|
Remote assistance allows another user to view or take control of the local se...
|
|
V-253395
|
Microsoft Defender SmartScreen helps protect systems from programs downloaded...
|
|
V-220836
|
Windows Defender SmartScreen helps protect systems from programs downloaded f...
|
|
V-254361
|
Microsoft Defender antivirus SmartScreen helps protect systems from programs ...
|
|
V-205692
|
Windows Defender SmartScreen helps protect systems from programs downloaded f...
|
|
V-254333
|
Slide shows that are displayed on the lock screen could display sensitive inf...
|
|
V-205686
|
Slide shows that are displayed on the lock screen could display sensitive inf...
|
|
V-254265
|
A firewall provides a line of defense against attack, allowing or blocking in...
|
|
V-253281
|
A firewall provides a line of defense against attack, allowing or blocking in...
|
|
V-220724
|
A firewall provides a line of defense against attack, allowing or blocking in...
|
|
V-214936
|
A firewall provides a line of defense against attack, allowing or blocking in...
|
|
V-254371
|
Basic authentication uses plain-text passwords that could be used to compromi...
|
|
V-205693
|
Basic authentication uses plain-text passwords that could be used to compromi...
|
|
V-253408
|
Basic authentication uses plain text passwords that could be used to compromi...
|
|
V-220854
|
Basic authentication uses plain text passwords that could be used to compromi...
|
|
V-223079
|
This policy setting allows you to manage whether Internet Explorer checks for...
|
|
V-223077
|
This policy setting determines whether Internet Explorer 11 uses 64-bit proce...
|
|
V-254348
|
Enabling interaction with the network selection UI allows users to change con...
|
|
V-205690
|
Enabling interaction with the network selection UI allows users to change con...
|
|
V-253378
|
Enabling interaction with the network selection UI allows users to change con...
|
|
V-220819
|
Enabling interaction with the network selection UI allows users to change con...
|
|
V-254370
|
Attachments from RSS feeds may not be secure. This setting will prevent attac...
|
|
V-205873
|
Attachments from RSS feeds may not be secure. This setting will prevent attac...
|
|
V-253407
|
Attachments from RSS feeds may not be secure. This setting will prevent attac...
|
|
V-220853
|
Attachments from RSS feeds may not be secure. This setting will prevent attac...
|
|
V-254457
|
Failure to display the logon banner prior to a logon attempt will negate lega...
|
|
V-253445
|
Failure to display the logon banner prior to a logon attempt will negate lega...
|
|
V-205631
|
Failure to display the logon banner prior to a logon attempt will negate lega...
|
|
V-220921
|
Failure to display the logon banner prior to a logon attempt will negate lega...
|
|
V-220844
|
The Windows Defender SmartScreen filter in Microsoft Edge provides warning me...
|
|
V-220841
|
The Windows Defender SmartScreen filter in Microsoft Edge provides warning me...
|
|
V-220840
|
The Windows Defender SmartScreen filter in Microsoft Edge provides warning me...
|
|
V-254466
|
Anonymous enumeration of SAM accounts allows anonymous logon users (null sess...
|
|
V-205914
|
Anonymous enumeration of SAM accounts allows anonymous logon users (null sess...
|
|
V-253453
|
Anonymous enumeration of SAM accounts allows anonymous log on users (null ses...
|
|
V-220929
|
Anonymous enumeration of SAM accounts allows anonymous log on users (null ses...
|
|
V-254467
|
Allowing anonymous logon users (null session connections) to list all account...
|
|
V-205724
|
Allowing anonymous logon users (null session connections) to list all account...
|
|
V-253454
|
Allowing anonymous logon users (null session connections) to list all account...
|
|
V-220930
|
Allowing anonymous logon users (null session connections) to list all account...
|
|
V-254339
|
Insecure guest logons allow unauthenticated access to shared folders. Shared ...
|
|
V-205861
|
Insecure guest logons allow unauthenticated access to shared folders. Shared ...
|
|
V-253360
|
Insecure guest logons allow unauthenticated access to shared folders. Shared ...
|
|
V-220802
|
Insecure guest logons allow unauthenticated access to shared folders. Shared ...
|
|
V-254473
|
Certain encryption types are no longer considered secure. The DES and RC4 enc...
|
|
V-205708
|
Certain encryption types are no longer considered secure. The DES and RC4 enc...
|
|
V-253460
|
Certain encryption types are no longer considered secure. This setting config...
|
|
V-220936
|
Certain encryption types are no longer considered secure. This setting config...
|
|
V-254460
|
The server message block (SMB) protocol provides the basis for many network o...
|
|
V-205825
|
The server message block (SMB) protocol provides the basis for many network o...
|
|
V-254475
|
The Kerberos v5 authentication protocol is the default for authentication of ...
|
|
V-205919
|
The Kerberos v5 authentication protocol is the default for authentication of ...
|
|
V-253462
|
The Kerberos v5 authentication protocol is the default for authentication of ...
|
|
V-220938
|
The Kerberos v5 authentication protocol is the default for authentication of ...
|
|
V-254461
|
The server message block (SMB) protocol provides the basis for many network o...
|
|
V-205826
|
The server message block (SMB) protocol provides the basis for many network o...
|
|
V-254463
|
The server message block (SMB) protocol provides the basis for many network o...
|
|
V-205827
|
The server message block (SMB) protocol provides the basis for many network o...
|
|
V-254464
|
The server message block (SMB) protocol provides the basis for many network o...
|
|
V-205828
|
The server message block (SMB) protocol provides the basis for many network o...
|
|
V-254468
|
Access by anonymous users must be restricted. If this setting is enabled, ano...
|
|
V-205915
|
Access by anonymous users must be restricted. If this setting is enabled, ano...
|
|
V-253455
|
Access by anonymous users must be restricted. If this setting is enabled, the...
|
|
V-220937
|
The LAN Manager hash uses a weak encryption algorithm and there are several t...
|
|
V-254277
|
SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
|
|
V-205684
|
SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
|
|
V-253288
|
SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
|
|
V-220731
|
SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
|
|
V-254276
|
SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
|
|
V-205683
|
SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
|
|
V-253287
|
SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
|
|
V-220730
|
SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
|
|
V-254471
|
NTLM sessions that are allowed to fall back to Null (unauthenticated) session...
|
|
V-205917
|
NTLM sessions that are allowed to fall back to Null (unauthenticated) session...
|
|
V-253458
|
NTLM sessions that are allowed to fall back to Null (unauthenticated) session...
|
|
V-220934
|
NTLM sessions that are allowed to fall back to Null (unauthenticated) session...
|
|
V-254469
|
Allowing anonymous access to named pipes or shares provides the potential for...
|
|
V-205725
|
Allowing anonymous access to named pipes or shares provides the potential for...
|
|
V-253456
|
Allowing anonymous access to named pipes or shares provides the potential for...
|
|
V-220932
|
Allowing anonymous access to named pipes or shares provides the potential for...
|
|
V-254433
|
The Windows SAM stores users' passwords. Restricting Remote Procedure Call (R...
|
|
V-205747
|
The Windows SAM stores users' passwords. Restricting Remote Procedure Call (R...
|
|
V-253457
|
The Windows SAM stores users' passwords. Restricting remote rpc connections t...
|
|
V-220933
|
The Windows SAM stores users' passwords. Restricting remote rpc connections t...
|
|
V-254470
|
Services using Local System that use Negotiate when reverting to NTLM authent...
|
|
V-205916
|
Services using Local System that use Negotiate when reverting to NTLM authent...
|
|
V-254477
|
Microsoft has implemented a variety of security support providers for use wit...
|
|
V-205921
|
Microsoft has implemented a variety of security support providers for use wit...
|
|
V-254478
|
Microsoft has implemented a variety of security support providers for use wit...
|
|
V-205922
|
Microsoft has implemented a variety of security support providers for use wit...
|
|
V-254462
|
Some non-Microsoft SMB servers only support unencrypted (plain-text) password...
|
|
V-205655
|
Some non-Microsoft SMB servers only support unencrypted (plain-text) password...
|
|
V-253450
|
Some non-Microsoft SMB servers only support unencrypted (plain text) password...
|
|
V-220926
|
Some non-Microsoft SMB servers only support unencrypted (plain text) password...
|
|
V-254275
|
SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
|
|
V-205682
|
SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is...
|
|
V-254335
|
Configuring the system to disable IPv6 source routing protects against spoofing.
|
|
V-205858
|
Configuring the system to disable IPv6 source routing protects against spoofing.
|
|
V-253353
|
Configuring the system to disable IPv6 source routing protects against spoofing.
|
|
V-220795
|
Configuring the system to disable IPv6 source routing protects against spoofing.
|
|
V-254272
|
Unnecessary services increase the attack surface of a system. Some of these s...
|
|
V-205680
|
Unnecessary services increase the attack surface of a system. Some of these s...
|
|
V-253277
|
"Simple TCP/IP Services" is not installed by default. Some protocols and serv...
|
|
V-220720
|
Some protocols and services do not support required security features, such a...
|
|
V-254336
|
Configuring the system to disable IP source routing protects against spoofing.
|
|
V-205859
|
Configuring the system to disable IP source routing protects against spoofing.
|
|
V-254288
|
A system is more vulnerable to unauthorized access when system users recycle ...
|
|
V-205660
|
A system is more vulnerable to unauthorized access when system users recycle ...
|
|
V-253300
|
A system is more vulnerable to unauthorized access when system users recycle ...
|
|
V-220742
|
A system is more vulnerable to unauthorized access when system users recycle ...
|
|
V-254258
|
Passwords that do not expire or are reused increase the exposure of a passwor...
|
|
V-205658
|
Passwords that do not expire or are reused increase the exposure of a passwor...
|
|
V-253273
|
Passwords that do not expire increase exposure with a greater probability of ...
|
|
V-220716
|
Passwords that do not expire increase exposure with a greater probability of ...
|
|
V-254474
|
The LAN Manager hash uses a weak encryption algorithm and there are several t...
|
|
V-205654
|
The LAN Manager hash uses a weak encryption algorithm and there are several t...
|
|
V-253461
|
The LAN Manager hash uses a weak encryption algorithm and there are several t...
|
|
V-254377
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-205639
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-253414
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-220860
|
Maintaining an audit trail of system activity logs can help identify configur...
|
|
V-254278
|
Windows PowerShell 5.x added advanced logging features that can provide addit...
|
|
V-205685
|
Windows PowerShell 5.x added advanced logging features that can provide addit...
|
|
V-253285
|
Windows PowerShell 5.0 added advanced logging features which can provide addi...
|
|
V-220728
|
Windows PowerShell 5.0 added advanced logging features which can provide addi...
|
|
V-205869
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-253393
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-220834
|
Some features may communicate with the vendor, sending system information or ...
|
|
V-254367
|
This setting controls the ability of users to supply passwords automatically ...
|
|
V-205809
|
This setting controls the ability of users to supply passwords automatically ...
|
|
V-253404
|
This setting controls the ability of users to supply passwords automatically ...
|
|
V-220850
|
This setting controls the ability of users to supply passwords automatically ...
|
|
V-254369
|
Remote connections must be encrypted to prevent interception of data or sensi...
|
|
V-205637
|
Remote connections must be encrypted to prevent interception of data or sensi...
|
|
V-253406
|
Remote connections must be encrypted to prevent interception of data or sensi...
|
|
V-220852
|
Remote connections must be encrypted to prevent interception of data or sensi...
|
|
V-260469
|
A locally logged-on user who presses Ctrl-Alt-Delete, when at the console, ...
|
|
V-260470
|
To mitigate the risk of unauthorized access to sensitive information by ent...
|
|
V-260471
|
If auditing is enabled late in the startup process, the actions of some sta...
|
|
V-260472
|
Restricting access to the kernel message buffer limits access only to root....
|
|
V-260473
|
Kernel core dumps may contain the full contents of system memory at the tim...
|
|
V-260474
|
Some adversaries launch attacks with the intent of executing code in nonexe...
|
|
V-260475
|
Some adversaries launch attacks with the intent of executing code in nonexe...
|
|
V-260476
|
Changes to any software components can have significant effects on the over...
|
|
V-260477
|
Previous versions of software components that are not removed from the info...
|
|
V-260478
|
Use of a complex password helps to increase the time and resources required...
|
|
V-260479
|
Inaccurate time stamps make it more difficult to correlate events and can l...
|
|
V-260480
|
Inaccurate time stamps make it more difficult to correlate events and can l...
|
|
V-260481
|
Inaccurate time stamps make it more difficult to correlate events and can l...
|
|
V-260482
|
It is detrimental for operating systems to provide, or install by default, ...
|
|
V-260483
|
It is detrimental for operating systems to provide, or install by default, ...
|
|
V-260484
|
Operating systems handling data requiring "data at rest" protections must e...
|
|
V-260485
|
Protecting audit information also includes identifying and protecting the t...
|
|
V-260486
|
If Ubuntu 22.04 LTS were to allow any user to make changes to software libr...
|
|
V-260487
|
If the operating system were to allow any user to make changes to software ...
|
|
V-260488
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260489
|
Any operating system providing too much information in error messages risks...
|
|
V-260490
|
Any operating system providing too much information in error messages risks...
|
|
V-260491
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260492
|
Protecting audit information also includes identifying and protecting the t...
|
|
V-260493
|
Protecting audit information also includes identifying and protecting the t...
|
|
V-260494
|
Protecting audit information also includes identifying and protecting the t...
|
|
V-260495
|
If Ubuntu 22.04 LTS were to allow any user to make changes to software libr...
|
|
V-260496
|
If Ubuntu 22.04 LTS were to allow any user to make changes to software libr...
|
|
V-260497
|
If the operating system were to allow any user to make changes to software ...
|
|
V-260498
|
If the operating system were to allow any user to make changes to software ...
|
|
V-260499
|
If the operating system were to allow any user to make changes to software ...
|
|
V-260500
|
If the operating system were to allow any user to make changes to software ...
|
|
V-260501
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260502
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260503
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260504
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260505
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260506
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260507
|
Protecting audit information also includes identifying and protecting the t...
|
|
V-260508
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260509
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260510
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260511
|
Only authorized personnel should be aware of errors and the details of the ...
|
|
V-260512
|
Any operating system providing too much information in error messages risks...
|
|
V-260513
|
Preventing unauthorized information transfers mitigates the risk of informa...
|
|
V-260514
|
Remote access services, such as those providing remote access to network de...
|
|
V-260515
|
Remote access services, such as those providing remote access to network de...
|
|
V-260516
|
Firewalls protect computers from network attacks by blocking or limiting ac...
|
|
V-260517
|
Denial of service (DoS) is a condition when a resource is not available for...
|
|
V-260518
|
To prevent unauthorized connection of devices, unauthorized transfer of inf...
|
|
V-260519
|
Inaccurate time stamps make it more difficult to correlate events and can l...
|
|
V-260520
|
Inaccurate time stamps make it more difficult to correlate events and can l...
|
|
V-260521
|
If time stamps are not consistently applied and there is no common time ref...
|
|
V-260522
|
DoS is a condition when a resource is not available for legitimate users. W...
|
|
V-260523
|
Without protection of the transmitted information, confidentiality and inte...
|
|
V-260524
|
Without protection of the transmitted information, confidentiality and inte...
|
|
V-260533
|
Without cryptographic integrity protections provided by FIPS-validated cryp...
|
|
V-260534
|
Nonlocal maintenance and diagnostic activities are those activities conduct...
|
|
V-260537
|
A session lock is a temporary action taken when a user stops work and moves...
|
|
V-260538
|
A session lock is a temporary action taken when a user stops work and moves...
|
|
V-260539
|
A locally logged-on user who presses Ctrl-Alt-Delete, when at the console, ...
|
|
V-260540
|
Without authenticating devices, unidentified or unknown devices may be intr...
|
|
V-260541
|
Without protection of communications with wireless peripherals, confidentia...
|
|
V-260542
|
To ensure individual accountability and prevent unauthorized access, organi...
|
|
V-260543
|
To ensure accountability and prevent unauthenticated access, organizational...
|
|
V-260545
|
Enforcing a minimum password lifetime helps to prevent repeated password ch...
|
|
V-260546
|
Any password, no matter how complex, can eventually be cracked. Therefore, ...
|
|
V-260547
|
Inactive identifiers pose a risk to systems and applications because attack...
|
|
V-260535
|
Display of a standardized and approved use notification before granting acc...
|
|
V-260548
|
Temporary accounts are privileged or nonprivileged accounts established dur...
|
|
V-260549
|
By limiting the number of failed logon attempts, the risk of unauthorized s...
|
|
V-260550
|
Limiting the number of logon attempts over a certain time interval reduces ...
|
|
V-260552
|
Ubuntu 22.04 LTS management includes the ability to control the number of u...
|
|
V-260553
|
A session lock is a temporary action taken when a user stops work and moves...
|
|
V-260554
|
Terminating an idle interactive command shell user session within a short t...
|
|
V-260535
|
Display of a standardized and approved use notification before granting acc...
|
|
V-260536
|
Display of a standardized and approved use notification before granting acc...
|
|
V-260555
|
Setting the most restrictive default permissions ensures newly created acco...
|
|
V-260556
|
Control of program execution is a mechanism used to prevent execution of un...
|
|
V-260557
|
Control of program execution is a mechanism used to prevent execution of un...
|
|
V-260558
|
Without reauthentication, users may access resources or perform tasks for w...
|
|
V-260559
|
An isolation boundary provides access control and protects the integrity of...
|
|
V-260560
|
Use of a complex password helps to increase the time and resources required...
|
|
V-260561
|
Use of a complex password helps to increase the time and resources required...
|
|
V-260562
|
Use of a complex password helps to increase the time and resources required...
|
|
V-260563
|
Use of a complex password helps to increase the time and resources required...
|
|
V-260564
|
If Ubuntu 22.04 LTS allows the user to select passwords based on dictionary...
|
|
V-260565
|
The shorter the password, the lower the number of possible combinations tha...
|
|
V-260566
|
If the operating system allows the user to consecutively reuse extensive po...
|
|
V-260567
|
Use of a complex password helps to increase the time and resources required...
|
|
V-260569
|
Password complexity, or strength, is a measure of the effectiveness of a pa...
|
|
V-260570
|
If an account has an empty password, anyone could log on and run commands w...
|
|
V-260571
|
If an account has an empty password, anyone could log on and run commands w...
|
|
V-260572
|
Passwords need to be protected at all times, and encryption is the standard...
|
|
V-260573
|
Using an authentication device, such as a CAC or token separate from the in...
|
|
V-260574
|
The use of PIV credentials facilitates standardization and reduces the risk...
|
|
V-260575
|
Without the use of multifactor authentication, the ease of access to privil...
|
|
V-260576
|
The use of PIV credentials facilitates standardization and reduces the risk...
|
|
V-260577
|
Without path validation, an informed trust decision by the relying party ca...
|
|
V-260578
|
Without configuring a local cache of revocation data, there is the potentia...
|
|
V-260579
|
Without mapping the certificate used to authenticate to the user account, t...
|
|
V-260580
|
Untrusted certificate authorities (CA) can issue certificates, but they may...
|
|
V-260581
|
If cached authentication information is out-of-date, the validity of the au...
|
|
V-260582
|
Without verification of the security functions, security functions may not ...
|
|
V-260583
|
Without verification of the security functions, security functions may not ...
|
|
V-260584
|
Unauthorized changes to the baseline configuration could make the system vu...
|
|
V-260585
|
Without verification of the security functions, security functions may not ...
|
|
V-260586
|
Protecting the integrity of the tools used for auditing purposes is a criti...
|
|
V-260587
|
Information stored in one location is vulnerable to accidental or incidenta...
|
|
V-260588
|
Failure to a known state can address safety or security in accordance with ...
|
|
V-260589
|
Remote access services, such as those providing remote access to network de...
|
|
V-260590
|
Without establishing the when, where, type, source, and outcome of events t...
|
|
V-260591
|
Without establishing the when, where, type, source, and outcome of events t...
|
|
V-260592
|
Information stored in one location is vulnerable to accidental or incidenta...
|
|
V-260593
|
It is critical for the appropriate personnel to be aware if a system is at ...
|
|
V-260594
|
It is critical that when the operating system is at risk of failing to proc...
|
|
V-260595
|
To ensure operating systems have a sufficient storage capacity in which to ...
|
|
V-260596
|
If security personnel are not notified immediately when storage volume reac...
|
|
V-260597
|
Unauthorized disclosure of audit records can reveal system and configuratio...
|
|
V-260598
|
Unauthorized disclosure of audit records can reveal system and configuratio...
|
|
V-260599
|
Unauthorized disclosure of audit records can reveal system and configuratio...
|
|
V-260600
|
If audit information were to become compromised, then forensic analysis and...
|
|
V-260601
|
Without the capability to restrict which roles and individuals can select w...
|
|
V-260602
|
Without the capability to restrict which roles and individuals can select w...
|
|
V-260603
|
Without the capability to restrict which roles and individuals can select w...
|
|
V-260604
|
Without generating audit records specific to the security and mission needs...
|
|
V-260605
|
Without generating audit records that are specific to the security and miss...
|
|
V-260606
|
Without generating audit records that are specific to the security and miss...
|
|
V-260607
|
Without generating audit records that are specific to the security and miss...
|
|
V-260608
|
Without generating audit records that are specific to the security and miss...
|
|
V-260609
|
Without generating audit records that are specific to the security and miss...
|
|
V-260610
|
Without generating audit records that are specific to the security and miss...
|
|
V-260611
|
Without generating audit records that are specific to the security and miss...
|
|
V-260612
|
Without generating audit records that are specific to the security and miss...
|
|
V-260613
|
Without generating audit records that are specific to the security and miss...
|
|
V-260613
|
Without generating audit records that are specific to the security and miss...
|
|
V-260614
|
Without generating audit records that are specific to the security and miss...
|
|
V-260615
|
Without generating audit records that are specific to the security and miss...
|
|
V-260616
|
Without generating audit records that are specific to the security and miss...
|
|
V-260617
|
Without generating audit records that are specific to the security and miss...
|
|
V-260618
|
Without generating audit records that are specific to the security and miss...
|
|
V-260619
|
Without generating audit records that are specific to the security and miss...
|
|
V-260620
|
Without generating audit records that are specific to the security and miss...
|
|
V-260621
|
Without generating audit records that are specific to the security and miss...
|
|
V-260622
|
Without generating audit records that are specific to the security and miss...
|
|
V-260623
|
Without generating audit records that are specific to the security and miss...
|
|
V-260624
|
Without generating audit records that are specific to the security and miss...
|
|
V-260625
|
Without generating audit records that are specific to the security and miss...
|
|
V-260626
|
Without generating audit records that are specific to the security and miss...
|
|
V-260627
|
Without generating audit records that are specific to the security and miss...
|
|
V-260628
|
Once an attacker establishes access to a system, the attacker often attempt...
|
|
V-260629
|
Once an attacker establishes access to a system, the attacker often attempt...
|
|
V-260630
|
Once an attacker establishes access to a system, the attacker often attempt...
|
|
V-260631
|
Once an attacker establishes access to a system, the attacker often attempt...
|
|
V-260632
|
Once an attacker establishes access to a system, the attacker often attempt...
|
|
V-260633
|
Without generating audit records specific to the security and mission needs...
|
|
V-260634
|
Without generating audit records specific to the security and mission needs...
|
|
V-260635
|
Without generating audit records specific to the security and mission needs...
|
|
V-260636
|
Without generating audit records specific to the security and mission needs...
|
|
V-260637
|
Without generating audit records that are specific to the security and miss...
|
|
V-260638
|
Without generating audit records specific to the security and mission needs...
|
|
V-260639
|
Without generating audit records specific to the security and mission needs...
|
|
V-260640
|
Once an attacker establishes access to a system, the attacker often attempt...
|
|
V-260641
|
Without generating audit records specific to the security and mission needs...
|
|
V-260642
|
Without generating audit records specific to the security and mission needs...
|
|
V-260643
|
Without generating audit records specific to the security and mission needs...
|
|
V-260644
|
Without generating audit records specific to the security and mission needs...
|
|
V-260645
|
Without generating audit records specific to the security and mission needs...
|
|
V-260646
|
Without generating audit records specific to the security and mission needs...
|
|
V-260647
|
Without generating audit records specific to the security and mission needs...
|
|
V-260648
|
In certain situations, software applications/programs need to execute with ...
|
|
V-260649
|
If events associated with nonlocal administrative access or diagnostic sess...
|
|
V-260650
|
Use of weak or untested encryption algorithms undermines the purposes of ut...
|
|
V-224819
|
Using a privileged account to perform routine functions makes the computer ...
|
|
V-254365
|
Saving passwords in the Remote Desktop Client could allow an unauthorized use...
|
|
V-205808
|
Saving passwords in the Remote Desktop Client could allow an unauthorized use...
|
|
V-253402
|
Saving passwords in the Remote Desktop Client could allow an unauthorized use...
|
|
V-220848
|
Saving passwords in the Remote Desktop Client could allow an unauthorized use...
|
|
V-254366
|
Preventing users from sharing the local drives on their client computers with...
|
|
V-205722
|
Preventing users from sharing the local drives on their client computers with...
|
|
V-224820
|
The longer a password is in use, the greater the opportunity for someone to...
|
|
V-224821
|
Using applications that access the Internet or have potential Internet sour...
|
|
V-224822
|
Backup Operators are able to read and write to any file in the system, rega...
|
|
V-224823
|
Application/service account passwords must be of sufficient length to preve...
|
|
V-224824
|
Setting application account passwords to expire may cause applications to s...
|
|
V-224825
|
Shared accounts (accounts where two or more people log on with the same use...
|
|
V-224826
|
Using an allowlist provides a configuration management method to allow the ...
|
|
V-224827
|
Credential Guard uses virtualization-based security to protect data that co...
|
|
V-224828
|
Systems at unsupported servicing levels will not receive security updates f...
|
|
V-224829
|
Malicious software can establish a base on individual desktops and servers....
|
|
V-224830
|
A properly configured Host-based Intrusion Detection System (HIDS) or Host-...
|
|
V-224831
|
The ability to set access permissions and auditing is critical to maintaini...
|
|
V-224832
|
Changing the system's file and directory permissions allows the possibility...
|
|
V-224833
|
Changing the system's file and directory permissions allows the possibility...
|
|
V-224834
|
Changing the system's file and directory permissions allows the possibility...
|
|
V-224835
|
The registry is integral to the function, security, and stability of the Wi...
|
|
V-224836
|
Windows shares are a means by which files, folders, printers, and other res...
|
|
V-224837
|
Outdated or unused accounts provide penetration points that may go undetect...
|
|
V-224838
|
The lack of password protection enables anyone to gain access to the inform...
|
|
V-224839
|
Passwords that do not expire or are reused increase the exposure of a passw...
|
|
V-224840
|
Monitoring system files for changes against a baseline on a regular basis m...
|
|
V-224841
|
Shares on a system provide network access. To prevent exposing sensitive in...
|
|
V-254368
|
Allowing unsecure RPC communication exposes the system to man-in-the-middle a...
|
|
V-205636
|
Allowing unsecure RPC communication exposes the system to man-in-the-middle a...
|
|
V-254431
|
Unauthenticated RPC clients may allow anonymous access to sensitive informati...
|
|
V-205814
|
Unauthenticated RPC clients may allow anonymous access to sensitive informati...
|
|
V-253383
|
Configuring RPC to restrict unauthenticated RPC clients from connecting to th...
|
|
V-220824
|
Configuring RPC to restrict unauthenticated RPC clients from connecting to th...
|