bugcrowd
diff --git a/‎submissions/description/active_directory/configuration_weaknesses/recommendations.md‎
Lines changed: 1 addition & 1 deletion b/‎submissions/description/active_directory/configuration_weaknesses/recommendations.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎submissions/description/active_directory/configuration_weaknesses/template.md‎
Lines changed: 4 additions & 6 deletions b/‎submissions/description/active_directory/configuration_weaknesses/template.md‎
Lines changed: 4 additions & 6 deletions
diff --git a/‎submissions/description/internal_infrastructure/file_transfer_protocol_anonymous_login/guidance.md‎
Lines changed: 0 additions & 5 deletions b/‎submissions/description/internal_infrastructure/file_transfer_protocol_anonymous_login/guidance.md‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎submissions/description/internal_infrastructure/file_transfer_protocol_anonymous_login/recommendations.md‎
Lines changed: 0 additions & 5 deletions b/‎submissions/description/internal_infrastructure/file_transfer_protocol_anonymous_login/recommendations.md‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎submissions/description/internal_infrastructure/file_transfer_protocol_anonymous_login/template.md‎
Lines changed: 0 additions & 19 deletions b/‎submissions/description/internal_infrastructure/file_transfer_protocol_anonymous_login/template.md‎
Lines changed: 0 additions & 19 deletions
diff --git a/‎submissions/description/internal_infrastructure/intelligent_platform_management_interface_cipher_zero_authentication_bypass/guidance.md‎
Lines changed: 0 additions & 5 deletions b/‎submissions/description/internal_infrastructure/intelligent_platform_management_interface_cipher_zero_authentication_bypass/guidance.md‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎submissions/description/internal_infrastructure/intelligent_platform_management_interface_cipher_zero_authentication_bypass/recommendations.md‎
Lines changed: 0 additions & 3 deletions b/‎submissions/description/internal_infrastructure/intelligent_platform_management_interface_cipher_zero_authentication_bypass/recommendations.md‎
Lines changed: 0 additions & 3 deletions
diff --git a/‎submissions/description/internal_infrastructure/intelligent_platform_management_interface_cipher_zero_authentication_bypass/template.md‎
Lines changed: 0 additions & 19 deletions b/‎submissions/description/internal_infrastructure/intelligent_platform_management_interface_cipher_zero_authentication_bypass/template.md‎
Lines changed: 0 additions & 19 deletions
diff --git a/‎submissions/description/internal_infrastructure/intelligent_platform_management_interface_v2_hash_disclosure/guidance.md‎
Lines changed: 0 additions & 5 deletions b/‎submissions/description/internal_infrastructure/intelligent_platform_management_interface_v2_hash_disclosure/guidance.md‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎submissions/description/internal_infrastructure/intelligent_platform_management_interface_v2_hash_disclosure/recommendations.md‎
Lines changed: 0 additions & 3 deletions b/‎submissions/description/internal_infrastructure/intelligent_platform_management_interface_v2_hash_disclosure/recommendations.md‎
Lines changed: 0 additions & 3 deletions
@@ -1,3 +1,3 @@
 # recommendation(s)
 
-Remove passwords and other sensitive information from all AD user account description fields.
+The specific remediation depends on the specific finding but should follow Microsoft's Active Directory security best practices. In general, enforce strong password policies, deploy LAPS for local administrator password management, remove unnecessary privileged group memberships, and implement an automated account lifecycle process.
@@ -1,16 +1,14 @@
-Active Directory (AD) user accounts were discovered with plaintext or easily decipherable passwords (or password fragments/hints) stored within their "Description" attribute.
-
-Storing passwords or sensitive information in the Description fields of user accounts may be practiced for administrative convenience, however, these account descriptions are retrievable by any authenticated domain user without any special privileges. 
-
-As a result, an attacker with access to any valid domain user could retrieve the sensitive data stored in account descriptions and leverage any resulting credentials to compromise the affected accounts. 
+Active Directory (AD) configuration weaknesses are insecure settings in the domain environment that increase the attack surface for credential theft, privilege escalation, and domain compromise. Common weaknesses include weak password policies, excessive privileged group membership, and shared local administrator passwords, amongst others. These confoguration weaknesses reduce the effort needed for an attacker to compromise the domain.
 
 **Business Risk**
 
 This vulnerability may lead to an attacker compromising the affected user accounts. The extent of malicious impact is dependent on the permissions of the compromised user.
 
 **Steps to Reproduce**
 
-<Provide numbered steps to reproduce this issue in the context of the in-scope domain>
+1. Authenticate to the domain as a low privileged user from {{attacker_host}}
+1. Enumerate the specific configuration weaknesses in the domain
+1. Compare and the observed configuration against the security baseline at {{baseline_reference}}
 
 **Proof of Concept (PoC)**
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`	`1`	`# recommendation(s)`
`2`	`2`
`3`		`-Remove passwords and other sensitive information from all AD user account description fields.`
	`3`	`+The specific remediation depends on the specific finding but should follow Microsoft's Active Directory security best practices. In general, enforce strong password policies, deploy LAPS for local administrator password management, remove unnecessary privileged group memberships, and implement an automated account lifecycle process.`