CVE-2021-26897

Опубликовано: 09 мар. 2021

Источник: msrc

CVSS3: 9.8

EPSS Средний

Описание

Windows DNS Server Remote Code Execution Vulnerability

Меры по смягчению последствий

The following mitigating factors may be helpful in your situation:

To be vulnerable, a DNS server would need to have dynamic updates enabled.

FAQ

Can this vulnerability by mitigated by enabling Secure Zone Updates?

Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation.

Does this vulnerability impact just standalone DNS Primary Authoritative Server and not a DNS Server integrated with Active Directory?

This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month’s security update patch.

If my server is not configured to be a DNS server, it is vulnerable?

No, this vulnerability is only exploitable if the server is configured to be a DNS server.

Обновления

Продукт	Статья	Обновление
Windows Server 2008 for 32-bit Systems Service Pack 2	5000844 5000856	Monthly Rollup Security Only
Windows Server 2008 for x64-based Systems Service Pack 2	5000844 5000856	Monthly Rollup Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)	5000844 5000856	Monthly Rollup Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)	5000841 5000851	Monthly Rollup Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1	5000841 5000851	Monthly Rollup Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)	5000844 5000856	Monthly Rollup Security Only
Windows Server 2012	5000847 5000840	Monthly Rollup Security Only
Windows Server 2012 (Server Core installation)	5000847 5000840	Monthly Rollup Security Only
Windows Server 2012 R2	5000848 5000853	Monthly Rollup Security Only
Windows Server 2012 R2 (Server Core installation)	5000848 5000853	Monthly Rollup Security Only

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation More Likely

Older Software Release

Exploitation More Likely

DOS

N/A

EPSS

Процентиль: 93%

0.10792

Средний

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2021-26897

CVSS3: 9.8

nvd

больше 4 лет назад

Windows DNS Server Remote Code Execution Vulnerability

GHSA-5hxq-rvgg-jqff

CVSS3: 9.8

github

около 3 лет назад

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895.

BDU:2021-01369

CVSS3: 8.8

fstec

больше 4 лет назад

Уязвимость службы DNS-сервера операционных систем Windows Server, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 93%

0.10792

Средний

9.8 Critical

CVSS3