專案資訊 #1064
進行中2025-PenTest
89%
概述
ADPT_TAHO_Remediation Tracker
Severity Ref. Weakness
NNN bookmark20250526222819601367469548 "Cleartext Passwords Stored in Domain Attributes
Several users, including domain admins, store their passwords in cleartext in domain attributes.
"
NN "4.3.2
MITRE-T1558
" "Domain Admin Vulnerable to Kerberoasting Attack
It is possible to obtain the encrypted Kerberos service ticket of a domain admin for offline password cracking.
"
NN bookmark20250528021100422251172311 "Dangerous Permission over Accounts with Replication Rights
All domain users have ForceChangePassword permission against three accounts which have DCsync ability.
"
NN bookmark20250528105554721728147917 "Dangerous Permisson over GPO that applies to object with high privileges
All domain users can modify GPO that will affect an OU containing domain admins."
bookmark20250527015003600759977664 "Sensitive Data Stored in Domain Controller’s Network Shares
"
N bookmark20230424152553354013409667 "Privileged Accounts with Never Expiring Passwords
"
"4.7.3
CWE-16
CWE-284
" "SMB NULL Session Authentication allowed on Domain Controllers
The SMB service on domain controllers allows users to authenticate using a NULL session, meaning that no user credentials need to be supplied to the server.
"
N bookmark2025052801463337292181788 "Use of ""Pre-Windows 2000 Compatible Access"" group
"
N bookmark20250529113929916258883991 "ADCS Web Enrollment Enabled for high-privileged accounts
"
N "4.7.2
KB2696547
" "SMB version 1 in use on Domain Controller
"
N bookmark20250526231504779653815004 "Krbtgt Password Unchanged for over 1 year
"
N bookmark20250528093106041557187875 "Dangerous Permission over Domain Context Root
"
N bookmark20250527150517990578686946 "Non-restricted Domain Join with Excessive Machine Account Quota
"
bookmark20250528012341779511785327 Presence of user principals in Schema Admins group
bookmark20230424152530055619155201 "Privileged acccount outside from 'Protected Users' group
"
bookmark2025052818064551592624366 "Overly Permissive Non-Privileged Accounts
"
bookmark20230424152607541378202907 "Object Owner Anomalies
"
bookmark20250528113440590525911882 "Dangerous Permission over Privileged Objects Containers
"
bookmark20250528101140588319445694 "Dangerous Permission over MicrosoftDNS server objects
"
bookmark20250527172903274457208324 "Dangerous Permission over Domain Controllers Group
"
bookmark2025052717152717274892035 "Dangerous Permission over adminSDHolder
"
bookmark20250527164529819756743971 "Dangerous Permission over DNSAdmins Group
"
檔案