f3afb7e7-d38a-42f2-8290-56da3b445913
Enumeration of administrator accounts when elevating can provide part of the logon information to an unauthorized user. This setting configures the system to always require users to type in a username and password to elevate a running application.
To fix this configure the policy value for:
Computer Configuration
|_ Administrative Templates
|_ Windows Components
|_ Credential User Interface
|_ Enumerate administrator accounts on elevation to "Disabled"
STIG: Server
2022: https://system32.eventsentry.com/stig/viewer/V-254355
2019: https://system32.eventsentry.com/stig/viewer/V-205714
Desktop:
W11: https://system32.eventsentry.com/stig/viewer/V-253391
W10: https://system32.eventsentry.com/stig/viewer/V-220832
Nist 800-53: CM-1, CM-2, CM-6, CM-7, CM-7(1), CM-9, SA-3, SA-8, SA-10
Nist 800-171: 3.1.12.a, 3.1.16.a, 3.1.18.a, 3.1.18.c, 3.4.1.a, 3.4.2.a, 3.4.6.a, 3.4.6.b, 3.4.6.a, 3.4.6.b, 3.4.6.d, 3.5.7.e, 3.5.7.f, 3.5.12.d
CSCv7: 5.1
Owasp Top 10: A01:2021, A02:2021, A03:2021, A04:2021, A05:2021, A06:2021, A07:2021, A08:2021, A09:2021, A10:2021
PCI-DSS v3.2: 1.1, 1.1.1, 2.2, 2.2.1, 2.2.2, 2.2.3,2.2.4
PCI-DSS v4: 1.1, 1.2.1, 1.2.6, 2.2.1, 8.3.2, 8.5, 10.2, 10.2.1, 10.2.1.1, 10.2.1.2, 10.2.1.3, 10.2.1.4, 10.2.1.5, 10.2.1.6, 10.2.1.7, 10.2.2, 10.6, 10.6.1, 10.6, 10.6.1, 10.6.2, 10.6.3,11.2
CMMC v2.1: CM.L2-3.4.1, CM.L2-3.4.2, CM.L2-3.4.1, CM.L2-3.4.2, CM.L3-3.4.1e, CM.L3-3.4.2e, SI.L3-3.14.3e
Manage your cookie preferences below:
To learn more about our use of cookies, please see our
Privacy Policy.