Anonymous access to the Registry is not restricted.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-1152	3.030	SV-25137r1_rule	ECCD-1 ECCD-2	High

Description
This is a Category I finding, because this vulnerability allows an anonymous individual read-access and write-access to some parts of the Registry. The permissions set for the Winreg subkey determine who can remotely connect to the Registry. If this subkey does not exist, all users can remotely connect to the Registry. To remotely connect to the Registry, a user must have at least read-access to the Winreg subkey on the target computer.

Description

This is a Category I finding, because this vulnerability allows an anonymous individual read-access and write-access to some parts of the Registry. The permissions set for the Winreg subkey determine who can remotely connect to the Registry. If this subkey does not exist, all users can remotely connect to the Registry. To remotely connect to the Registry, a user must have at least read-access to the Winreg subkey on the target computer.

STIG	Date
Windows 7 Security Technical Implementation Guide	2014-04-02

Details

Check Text ( C-26802r1_chk )
Using the Registry Editor, navigate to the following key: MACHINE/System/CurrentControlSet/Control/SecurePipeServers/Winreg If the key does not exist, then this is a finding. If the permissions are not at least as restrictive as those below, then this is a finding. Administrators - Full Backup Operators - Read(QENR) Local Service - Read

Fix Text (F-90r1_fix)
Configure the system to prevent anonymous users from gaining access to the Registry.