Registry Permissions in DISA Benchmarks #566

Open
PfeilImKopf opened this issue Apr 19, 2024 · 2 comments

@PfeilImKopf
Collaborator

PfeilImKopf commented Apr 19, 2024

Operating System

Microsoft Windows Server 2022

Report Name

Microsoft Windows Server 2019 DC

Benchmark and ID (OPTIONAL)

DISA Windows Server 2019 Security Technical Implementation Guide, Version: V1R2 | RegistryPermissions | WN19-00-000170 A ; WN19-00-000170 B; WN19-00-000170 C

What happened?

  1. The hive names in the tasks corresponding to those IDs are named incorrectly.
  2. The output of the ID (C) seems to be duplicated.

What did you expect?

  1. Further information on the hive names: https://www.stigviewer.com/stig/windows_server_2019/2019-12-12/finding/V-93025
  2. no duplicates
  3. probably in other DISA benchmarks as well!

Current Version?

I used the latest official release.

@PfeilImKopf PfeilImKopf added the bug Something isn't working label Apr 19, 2024
@PfeilImKopf PfeilImKopf changed the title from "[Bug]:" to "[Bug]: Registry Permissions in DISA Bnchmarks" Apr 19, 2024
@TuemmlerKelch TuemmlerKelch changed the title from "[Bug]: Registry Permissions in DISA Bnchmarks" to "Registry Permissions in DISA Benchmarks" Apr 29, 2024
@TuemmlerKelch TuemmlerKelch added this to the 5.11 milestone Aug 16, 2024
@TuemmlerKelch
Collaborator

Good find.
Not only are we missing the specific hint towards which hive is checked (SECURITY, SOFTWARE, SYSTEM), but DISA also explicitly declared the long SID (related to the Edge Sandbox feature) mentioned in the B and C checks as "not being a finding".
Also, C-Check seems to spit out duplicate messages for each account.

@TuemmlerKelch TuemmlerKelch modified the milestones: 5.11, 5.12 Jan 10, 2025
@TuemmlerKelch TuemmlerKelch modified the milestones: 5.12, 5.11 Jan 10, 2025
@TuemmlerKelch TuemmlerKelch modified the milestones: 5.11, On Hold Feb 4, 2025
@TuemmlerKelch
Collaborator

These got removed during the update from V1R2 to V1R5.
With the next update to the current DISA benchmarks, this will get a proper implementation. Set to "ON HOLD".
