CVE-2021-42287

Опубликовано: 09 нояб. 2021

Источник: msrc

CVSS3: 7.5

EPSS Критический

Описание

Active Directory Domain Services Elevation of Privilege Vulnerability

FAQ

Where can I find more information about the improved authentication process added by the update for CVE-2021-42287?

See Authentication updates.

Обновления

Продукт	Статья	Обновление
Windows Server 2008 for 32-bit Systems Service Pack 2	5007263 5007246	Monthly Rollup Security Only
Windows Server 2008 for x64-based Systems Service Pack 2	5007263 5007246	Monthly Rollup Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)	5007263 5007246	Monthly Rollup Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)	5007236 5007233	Monthly Rollup Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1	5007236 5007233	Monthly Rollup Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)	5007263 5007246	Monthly Rollup Security Only
Windows Server 2012	5007260 5007245	Monthly Rollup Security Only
Windows Server 2012 (Server Core installation)	5007260 5007245	Monthly Rollup Security Only
Windows Server 2012 R2	5007247 5007255	Monthly Rollup Security Only
Windows Server 2012 R2 (Server Core installation)	5007247 5007255	Monthly Rollup Security Only

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 100%

0.93954

Критический

7.5 High

CVSS3

Связанные уязвимости

CVE-2021-42287

CVSS3: 7.5

nvd

больше 3 лет назад

Active Directory Domain Services Elevation of Privilege Vulnerability

GHSA-737r-5j68-97hh

CVSS3: 8.8

github

около 3 лет назад

Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291.

BDU:2021-05914