Описание
Active Directory Denial of Service Vulnerability
A denial of service vulnerability exists in Active Directory when an authenticated attacker creates multiple machine accounts. An attacker who successfully exploited this vulnerability could cause the Active Directory service to become nonresponsive.
To exploit this vulnerability, an attacker must have valid credentials. An attacker could exploit this vulnerability by creating multiple machine accounts, resulting in denial of service.
The update addresses the vulnerability by correcting how machine accounts are created.
Меры по смягчению последствий
The following mitigating factors might be helpful in your situation:
To exploit this vulnerability, an attacker must have an account that has privileges to join machines to the domain. If an attacker cannot join new machines to the domain, the vulnerability cannot be exploited.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | ||
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | ||
| Windows Server 2012 | ||
| Windows Server 2012 (Server Core installation) | ||
| Windows Server 2012 R2 | ||
| Windows Server 2012 R2 (Server Core installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
Связанные уязвимости
Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service hang) by creating many machine accounts, aka "Active Directory Denial of Service Vulnerability."
Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service hang) by creating many machine accounts, aka "Active Directory Denial of Service Vulnerability."
Уязвимость операционной системы Windows, позволяющая нарушителю вызвать отказ в обслуживании
EPSS