Identity Management / Highly Privileged Accounts Are Not in the Protected Users
Highly privileged accounts are not in the Protected Users group is an IT vulnerability related to identity management (CWE-264). This vulnerability occurs when privileged accounts are not part of the Protected Users group, allowing them to bypass the default security settings of the operating system. This type of vulnerability is classified under OWASP Testing Guide 4.0 as A10: Insufficient Logging & Monitoring.
The risk associated with this vulnerability is that the privileged accounts can bypass the security settings of the operating system, allowing attackers to gain access to restricted data and systems. This presents a high risk to the organization, as it can lead to a potential data breach and compromise the confidentiality, integrity, and availability of the organization's data and systems.
The solution to this vulnerability is to ensure that all privileged accounts are included in the Protected Users group. This will ensure that the default security settings of the operating system are enforced for all privileged accounts. Additionally, organizations should implement logging and monitoring systems to detect any suspicious activity associated with privileged accounts.