Описание
Microsoft Configuration Manager Remote Code Execution Vulnerability
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.
FAQ
According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
Successful exploitation of this vulnerability simply requires the attacker or targeted user to leverage a Microsoft Access application to automatically talk to a SQL Server while utilizing a remote SQL Server address that they control.
How could an attacker exploit this vulnerability?
An authenticated attacker can run arbitrary SQL queries as the SMS service (with sysadmin privileges). Since the injection happens during a user permission check, even users with read-only RBAC roles can exploit it. Any local SMS Admins group member on the SMS Provider host can also take advantage of this vulnerability.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
8 High
CVSS3
Связанные уязвимости
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.
Уязвимость программного обеспечения управления ИТ-инфраструктурой Microsoft Configuration Manager, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю выполнить произвольный код
EPSS
8 High
CVSS3