Vulnerability Details

Microsoft Windows: Audit Other Logon/Logoff Events

Published: 2018-08-20 08:10:59

CVSS Base Vector:
AV:L/AC:H/Au:S/C:N/I:N/A:N

Report Confidence:
97

Summary:
Audit Other Logon/Logoff Events determines whether Windows generates audit events for other logon or logoff events. These other logon or logoff events include: - A Remote Desktop session connects or disconnects. - A workstation is locked or unlocked. - A screen saver is invoked or dismissed. - A replay attack is detected. This event indicates that a Kerberos request was received twice with identical information. This condition could also be caused by network misconfiguration. - A user is granted access to a wireless network. It can be either a user account or the computer account. - A user is granted access to a wired 802.1x network. It can be either a user account or the computer account. Logon events are essential to understanding user activity and detecting potential attacks. (C) Microsoft Corporation 2017.

References:

https://docs.microsoft.com/en-us/windows/security/threat-protection/auditing/audit-other-logonlogoff-events

Severity
Detection Plugin
CVSS Score
0.0
Published
2018-08-20
Modified
2019-12-13
Category
Policy

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.