Описание
Windows SMB Witness Service Security Feature Bypass Vulnerability
Меры по смягчению последствий
The following mitigating factors might be helpful in your situation:
- Only AD-detached clusters with Scale-out File server role installed are affected by this vulnerability. https://learn.microsoft.com/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn265970(v=ws.11)
- Version: AD-detached cluster is available on Windows Server 2012 R2 and above.
FAQ
What kind of security feature could be bypassed by successfully exploiting this vulnerability?
An attacker who successfully exploited this vulnerability could execute RPC procedures that are restricted to privileged accounts, bypassing the access check for the RPC procedures.
How could an attacker exploit the vulnerability?
To exploit this vulnerability, an attacker could execute a specially crafted malicious script which executes an RPC call to a Windows SMB Witness Service.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2012 R2 | ||
| Windows Server 2012 R2 (Server Core installation) | ||
| Windows Server 2016 | ||
| Windows Server 2016 (Server Core installation) | ||
| Windows Server 2019 | ||
| Windows Server 2019 (Server Core installation) | ||
| Windows Server 2022 | ||
| Windows Server 2022 (Server Core installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
7.1 High
CVSS3
Связанные уязвимости
Windows SMB Witness Service Security Feature Bypass Vulnerability
Windows SMB Witness Service Security Feature Bypass Vulnerability
Уязвимость службы Windows SMB Witness операционных систем Windows, позволяющая нарушителю обойти проверку доступа к процедурам RPC
EPSS
7.1 High
CVSS3