Описание
Microsoft Defender for Identity Spoofing Vulnerability
Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network.
FAQ
What actions do I need to take to be protected from this vulnerability?
No admin action is required. Customers that have NTLM completely disabled in their environment and would like to keep the feature working, should open a support case requesting to reenable the feature. For more information, please see this article: https://learn.microsoft.com/en-us/defender-for-identity/deploy/remote-calls-sam
According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?
An unauthenticated attacker with LAN access could exploit this vulnerability.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network.
Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network.
Уязвимость Защитника Microsoft (Windows Defender for Identity) операционных систем Windows, позволяющая нарушителю выполнять подмену через соседнюю сеть
EPSS
6.5 Medium
CVSS3