From b368d036cf265ed680fe7b4a5ea2a36aa1ef36c0 Mon Sep 17 00:00:00 2001
From: frack113 <62423083+frack113@users.noreply.github.com>
Date: Thu, 16 Dec 2021 22:44:45 +0100
Subject: [PATCH] change level to medium

---
 .../system/win_vul_cve_2021_42278_or_cve_2021_42287.yml       | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/windows/builtin/system/win_vul_cve_2021_42278_or_cve_2021_42287.yml b/rules/windows/builtin/system/win_vul_cve_2021_42278_or_cve_2021_42287.yml
index cef7ef843..fe76fdee3 100644
--- a/rules/windows/builtin/system/win_vul_cve_2021_42278_or_cve_2021_42287.yml
+++ b/rules/windows/builtin/system/win_vul_cve_2021_42278_or_cve_2021_42287.yml
@@ -30,7 +30,7 @@ fields:
     - samAccountName
 falsepositives:
     - Unknown 
-level: high
+level: medium
 tags:
     - attack.credential_access
-    - attack.t1558.003 
\ No newline at end of file
+    - attack.t1558.003