CVE-2022-21984

Опубликовано: 08 фев. 2022

Источник: msrc

CVSS3: 8.8

EPSS Низкий

Описание

Windows DNS Server Remote Code Execution Vulnerability

Меры по смягчению последствий

The following mitigating factors may be helpful in your situation:

To be vulnerable, a DNS server would need to have dynamic updates enabled.

Обновления

Продукт	Статья	Обновление
Windows 10 Version 1909 for 32-bit Systems	5010345	Security Update
Windows 10 Version 1909 for x64-based Systems	5010345	Security Update
Windows 10 Version 1909 for ARM64-based Systems	5010345	Security Update
Windows 10 Version 20H2 for 32-bit Systems	5010342	Security Update
Windows 10 Version 20H2 for ARM64-based Systems	5010342	Security Update
Windows Server, version 20H2 (Server Core Installation)	5010342	Security Update
Windows 10 Version 21H1 for x64-based Systems	5010342	Security Update
Windows 10 Version 21H1 for ARM64-based Systems	5010342	Security Update
Windows 10 Version 21H1 for 32-bit Systems	5010342	Security Update
Windows Server 2022	5010354 5010456	Security Update-

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 87%

0.03234

Низкий

8.8 High

CVSS3

Связанные уязвимости

CVE-2022-21984

CVSS3: 8.8

nvd

больше 3 лет назад

Windows DNS Server Remote Code Execution Vulnerability

GHSA-g66q-qpr4-q7x8

CVSS3: 8.8

github

больше 3 лет назад

Windows DNS Server Remote Code Execution Vulnerability.

BDU:2022-00922

CVSS3: 8.8

fstec

больше 3 лет назад

Уязвимость компонента Windows DNS Server операционных систем Windows, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 87%

0.03234

Низкий

8.8 High

CVSS3