#VU48269 Security Features in Windows Server


Published: 2020-11-10

Vulnerability identifier: #VU48269

Vulnerability risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-17049

CWE-ID: CWE-254

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Windows Server
Operating systems & Components / Operating system

Vendor: Microsoft

Description

The vulnerability allows a remote user to bypass authentication process.

The vulnerability exists due to security feature bypass issue in Kerberos. A remote administrator can bypass authentication process and gain unauthorized access to the application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Windows Server: 2012 - 2019 2004

External links
http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Service Telemetry Framework 1.5
Red Hat Enterprise Linux 8.6 Extended Update Support update for krb5
Red Hat Enterprise Linux 8.8 Extended Update Support update for the idm:DL1 module
Red Hat Enterprise Linux 8.6 Extended Update Support update for the idm:DL1 module
Red Hat Enterprise Linux 8 update for the idm:DL1 module
Multiple vulnerabilities in Red Hat OpenShift Container Platform release 4.13
Gentoo update for Samba
Multiple vulnerabilities in Red Hat OpenShift Data Foundation 4.13
Red Hat Enterprise Linux 9 update for krb5
Multiple vulnerabilities in Oracle Linux