Описание
Windows DNS Server Remote Code Execution Vulnerability
FAQ
How could an attacker exploit this vulnerability?
In a network-based attack an attacker would need to have the privileges to query the Domain Name Service (DNS). If the timing of DNS queries is perfect, the attacker could execute code remotely on the target server.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2016 | ||
| Windows Server 2016 (Server Core installation) | ||
| Windows Server 2019 | ||
| Windows Server 2019 (Server Core installation) | ||
| Windows Server 2022 | ||
| Windows Server 2022 (Server Core installation) | ||
| Windows Server 2022, 23H2 Edition (Server Core installation) |
Показывать по
10
Возможность эксплуатации
Publicly Disclosed
No
Exploited
No
Latest Software Release
Exploitation Less Likely
DOS
N/A
EPSS
Процентиль: 80%
0.0148
Низкий
7.2 High
CVSS3
Связанные уязвимости
CVSS3: 7.2
github
около 1 года назад
Windows DNS Server Remote Code Execution Vulnerability
CVSS3: 7.2
fstec
около 1 года назад
Уязвимость DNS-сервера операционных систем Windows, позволяющая нарушителю выполнить произвольный код
EPSS
Процентиль: 80%
0.0148
Низкий
7.2 High
CVSS3