CVE-2024-30081

Опубликовано: 09 июл. 2024

Источник: msrc

CVSS3: 7.1

EPSS Низкий

Описание

Windows NTLM Spoofing Vulnerability

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click on a specially crafted URL to be compromised by the attacker.

Продукт	Статья	Обновление
Windows Server 2008 for 32-bit Systems Service Pack 2	5040499 5040490	Monthly Rollup Security Only
Windows Server 2008 for x64-based Systems Service Pack 2	5040499 5040490	Monthly Rollup Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)	5040499 5040490	Monthly Rollup Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)	5040497 5040498	Monthly Rollup Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1	5040497 5040498	Monthly Rollup Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)	5040499 5040490	Monthly Rollup Security Only
Windows Server 2012	5040485	Monthly Rollup
Windows Server 2012 (Server Core installation)	5040485	Monthly Rollup
Windows Server 2012 R2	5040456	Monthly Rollup
Windows Server 2012 R2 (Server Core installation)	5040456	Monthly Rollup

Показывать по

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 86%

0.02836

Низкий

7.1 High

CVSS3

CVE-2024-30081

CVSS3: 7.1

nvd

12 месяцев назад

Windows NTLM Spoofing Vulnerability

GHSA-qmw8-f3p7-jc9f

CVSS3: 7.1

github

12 месяцев назад

Windows NTLM Spoofing Vulnerability

BDU:2024-05493

CVSS3: 7.1

fstec

12 месяцев назад

Уязвимость протокола сетевой аутентификации NT LAN Manager (NTLM) операционной системы Windows, позволяющая нарушителю проводить спуфинг-атаки

EPSS

Процентиль: 86%

0.02836

Низкий

7.1 High

CVSS3