Impacts
Last updated
Was this helpful?
Last updated
Was this helpful?
The Impacts page provides a combined list of issues grouped by relevant impact, making it a valuable resource for preparing a remediation roadmap and addressing threats beyond just vulnerabilities. This page also displays Exposure Points and associated Risk levels, helping prioritize actions effectively and focus on the most critical areas to mitigate potential risks.
Each card contains Impact Name as a header and lists of issues that contain Severity, Ease of Mitigation ,Tags, and Exposure Points. Cards are sorted by the risk of impact and issues are sorted by the Ease of Mitigation metric.
FSProtect maps Issues by the Impacts below.
Issues that complicated the account management lifecycle and inventory management.
Issues that exposed account credentials/sessions in different ways to a possible breach.
Issues related to a special Kerberos protocol attack vector named AS-REP Roasting.
Issues that lead to exploitation of old/unsupported or unpatched versions of services like NETLOGON, RDP, KDC etc.
Issues that lead to exploitation of old/unsupported, unpatched, or misconfigured versions of SMB Protocol.
Issues related to a special NTLM protocol attack vector named NTLM Relay.
Issues that lead to exploitation of an insecure way of delegation.
Issues that lead to information-gathering attacks through shared files with misconfigured/broad access control entries.
Issues (backdoors) that lead to exploitation of misconfigured Resource-Based Constrained Delegation method.
Issues that lead to information-gathering attacks through misconfigured SMB protocol.
Issues related to suspicious modification of PrimaryGroupID attribute to ensure persistence.
Issues related to precautions about exploitations of multiple delegation methods.
Issues that exposed generally local administrator account credentials as plain text to everyone in the domain through Group Policy Preferences.
Issues related to a special Kerberos protocol attack vector named Kerberoasting.
Issues related to precautions about special Kerberos persistence attack vector named Golden Ticket.
Issues related to misconfigured privileges that break the tiering model which are mostly caused by group memberships and service management.
Issues that create so many attack paths because of misconfigured/broad access control entry definitions.
Issues that affect the availability and resilience of the Active Directory.
Issues that lead to privilege escalation paths through builtin privileged group memberships.
Issues related to suspicious modification of access control entries on important objects to ensure persistence.
Issues that complicated the Group Policy lifecyle and inventory management.
Issues related to Exchange Service and NTLM attack vector that leads to privilege escalation and total domain compromise.
Issues related to suspicious modification of SIDHistory attributes of objects to ensure persistence.
Issues that lead to information-gathering attacks through LDAP protocol which are caused by misconfiguration of the dSHeuristics attribute.
Issues that lead to information-gathering attacks through NSPI protocol which are caused by misconfiguration of the dSHeuristics attribute.
Issues that lead to exploitation of misconfigured Constrained Delegation method.
Issues that lead to privilege escalation through the exploitation of misconfigured Certificate Templates.
Issues that lead to privilege escalation through the exploitation of misconfigured Certificate Authorities.
Issues that lead to privilege escalation through the exploitation of misconfigured Certificate Enrollment Services.
