Impacts

The Impacts page groups issues into combined lists by their relevant Impact. It is useful for preparing a remediation roadmap and for mitigating threats, not only vulnerabilities.

Each card has the Impact Name as its header and lists the issues with their Severity, Ease of Mitigation, and Tags. Cards are sorted by the risk of the impact, and issues are sorted by the Ease of Mitigation metric.

FSProtect maps Issues to the Impacts below.

Account Management Issues

Issues that complicate the account management lifecycle and inventory management.

Credential Theft Attacks

Issues that expose account credentials or sessions, in different ways, to a possible breach.

AS-REP Roasting

Issues related to a special Kerberos protocol attack vector named AS-REP Roasting.

Exploitation of Unpatched Services

Issues that lead to exploitation of old/unsupported or unpatched versions of services such as NETLOGON, RDP, KDC, etc.

Exploitation of SMB Protocol

Issues that lead to exploitation of old/unsupported, unpatched, or misconfigured versions of the SMB protocol.

NTLM Relay

Issues related to a special NTLM protocol attack vector named NTLM Relay.

Unconstrained Delegation Exploitation

Issues that lead to exploitation of an insecure way of delegation.

Reconnaissance with Shared Files

Issues that lead to information-gathering attacks through shared files with misconfigured/broad access control entries.

Resource Based Constrained Delegation Exploitation

Issues (backdoors) that lead to exploitation of a misconfigured Resource-Based Constrained Delegation method.

Reconnaissance with Null Session

Issues that lead to information-gathering attacks through a misconfigured SMB protocol.

Persistence with PrimaryGroupID Modification

Issues related to suspicious modification of the PrimaryGroupID attribute to ensure persistence.

Delegation Exploitation

Issues related to precautions against exploitation of multiple delegation methods.

Plaintext Password Extraction from GPP

Issues that expose account credentials, generally those of local administrator accounts, as plain text to everyone in the domain through Group Policy Preferences.

Kerberoasting

Issues related to a special Kerberos protocol attack vector named Kerberoasting.

Golden Ticket

Issues related to precautions against a special Kerberos persistence attack vector named Golden Ticket.

Misconfigured Privilege Exploitation

Issues related to misconfigured privileges that break the tiering model, mostly caused by group memberships and service management.

ACL Based Attack Path Exploitation

Issues that create many attack paths because of misconfigured/broad access control entry definitions.

Business Continuity Issues

Issues that affect the availability and resilience of the Active Directory.

Privilege Escalation with Builtin Groups

Issues that lead to privilege escalation paths through builtin privileged group memberships.

Persistence with Access Control Entries

Issues related to suspicious modification of access control entries on important objects to ensure persistence.

GPO Management Issues

Issues that complicate the Group Policy lifecycle and inventory management.

PrivExchange

Issues related to the Exchange Service and the NTLM attack vector that leads to privilege escalation and total domain compromise.

Persistence with SID-History Injection

Issues related to suspicious modification of SIDHistory attributes of objects to ensure persistence.

Reconnaissance with LDAP Protocol

Issues that lead to information-gathering attacks through the LDAP protocol, caused by misconfiguration of the dSHeuristics attribute.

Reconnaissance with NSPI Protocol

Issues that lead to information-gathering attacks through the NSPI protocol, caused by misconfiguration of the dSHeuristics attribute.

Constrained Delegation Exploitation

Issues that lead to exploitation of a misconfigured Constrained Delegation method.

Privilege Escalation with Certificate Template Abuse

Issues that lead to privilege escalation through the exploitation of misconfigured Certificate Templates.

Privilege Escalation with Certificate Authority Abuse

Issues that lead to privilege escalation through the exploitation of misconfigured Certificate Authorities.

Privilege Escalation with Certificate Service Abuse

Issues that lead to privilege escalation through the exploitation of misconfigured Certificate Enrollment Services.
