Terminal Services Doesn't Use Network Level Authentication (NLA) Only Vulnerability
Written by Luke Peach
Updated over a week ago

When detected by a vulnerability scanner, the Terminal Services Doesn't Use Network Level Authentication (NLA) Only vulnerability is reported with a CVSSv3 score of 4.0.

CVSS is an industry-standard scoring system for vulnerabilities that rates each finding on a scale from 0 to 10. They are shown as:

The default configuration of Windows allows remote users to connect over the network and initiate a full RDP session without providing any credentials. This allows an untrusted user to land on the system login page as shown below:

Several risks are associated with this functionality; an attacker is now able to:

1. Accurately fingerprint the version of Windows
2. Potentially identify user accounts on the system
3. Leverage the RDP service to consume excessive system resources

To enable Network Level Authentication on Windows:

Open the Group Policy Editor by typing ‘gpedit’

1. Navigate to the following:
Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Security

2. Double click on “Require user authentication for remote connections by using Network Level Authentication”

3. Check ‘Enabled’. Apply. Save.

After making all the required changes, reboot the server for the changes to take effect. Restarting the services will now implement the changes.
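
To confirm the setting took effect after the reboot, the following check reads the NLA state from the places Windows stores it. It is an added example, not part of the original article; the function name `Get-NlaStatus` is hypothetical, and the registry paths and WMI class are the standard Windows locations for this setting rather than values taken from the article. Run it from an elevated PowerShell prompt.

```powershell
# Added example: report whether NLA is enforced on the RDP-Tcp listener.
function Get-NlaStatus {
    [CmdletBinding()]
    param()

    # Value written by the Group Policy setting
    # "Require user authentication for remote connections by using NLA"
    $policyKey   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
    # Value used by the listener when no policy is configured
    $listenerKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

    # Returns the DWORD, or $null when the key or value does not exist.
    function Read-Dword([string]$Path, [string]$Name) {
        $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) { $item.$Name } else { $null }
    }

    $policy   = Read-Dword $policyKey   'UserAuthentication'
    $listener = Read-Dword $listenerKey 'UserAuthentication'

    # What the Remote Desktop configuration itself reports for the listener
    $wmi = Get-CimInstance -Namespace 'root\cimv2\TerminalServices' `
        -ClassName Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'" `
        -ErrorAction SilentlyContinue

    # A configured policy value overrides the local listener value.
    $effective = if ($null -ne $policy) { $policy } else { $listener }

    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        PolicyValue   = $policy                           # $null = policy not configured
        ListenerValue = $listener
        WmiReported   = $wmi.UserAuthenticationRequired   # 1 = NLA required
        NlaRequired   = ($effective -eq 1)
        Source        = if ($null -ne $policy) { 'GroupPolicy' } else { 'LocalListener' }
    }
}

$status = Get-NlaStatus
$status | Format-List
if (-not $status.NlaRequired) {
    Write-Warning 'NLA is not enforced: RDP presents the logon screen before authentication.'
}
```

A `PolicyValue` of 1 with `Source` set to `GroupPolicy` shows that the setting enabled in the steps above is the one being applied.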
