CVE-2021-34442

Опубликовано: 13 июл. 2021

Источник: msrc

CVSS3: 8.8

EPSS Низкий

Описание

Windows DNS Server Remote Code Execution Vulnerability

FAQ

If my server is not configured to be a DNS server, it is vulnerable?

No, this vulnerability is only exploitable if the server is configured to be a DNS server.

Обновления

Продукт	Статья	Обновление
Windows Server 2008 for 32-bit Systems Service Pack 2	5004305 5004299	Monthly Rollup Security Only
Windows Server 2008 for x64-based Systems Service Pack 2	5004305 5004299	Monthly Rollup Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)	5004305 5004299	Monthly Rollup Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)	5004289 5004307	Monthly Rollup Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1	5004289 5004307	Monthly Rollup Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)	5004305 5004299	Monthly Rollup Security Only
Windows Server 2012	5004294 5004302	Monthly Rollup Security Only
Windows Server 2012 (Server Core installation)	5004294 5004302	Monthly Rollup Security Only
Windows Server 2012 R2	5004298 5004285	Monthly Rollup Security Only
Windows Server 2012 R2 (Server Core installation)	5004298 5004285	Monthly Rollup Security Only

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 90%

0.06211

Низкий

8.8 High

CVSS3

Связанные уязвимости

CVE-2021-34442

CVSS3: 8.8

nvd

почти 4 года назад

Windows DNS Server Remote Code Execution Vulnerability

GHSA-6p5f-qv8v-hp6j

CVSS3: 8.8

github

около 3 лет назад

Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33745, CVE-2021-34444, CVE-2021-34499.

BDU:2022-00097

CVSS3: 9.8

fstec

почти 4 года назад

Уязвимость компонента DNS Server операционных систем Windows, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 90%

0.06211

Низкий

8.8 High

CVSS3