ID

VAR-202108-1914


CVE

CVE-2021-36942


TITLE

Microsoft Windows Active Directory Certificate Services can allow for AD compromise via PetitPotam NTLM relay attacks

Trust: 0.8

sources: CERT/CC: VU#405600

DESCRIPTION

Windows LSA Spoofing Vulnerability. Microsoft Windows Active Directory Certificate Services (AD CS) by default can be used as a target for NTLM relay attacks, which can allow a domain-joined computer to take over the entire Active Directory.CVE-2021-36942 AffectedCVE-2021-36942 Affected. Microsoft Windows是美国微软(Microsoft)公司的一套个人设备使用的操作系统. Microsoft Windows存在安全漏洞。以下产品和版本受到影响:Windows Server 2019,Windows Server 2019 (Server Core installation),Windows Server, version 2004 (Server Core installation),Windows Server, version 20H2 (Server Core Installation),Windows Server 2016,Windows Server 2016 (Server Core installation),Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation). Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 3.51

sources: NVD: CVE-2021-36942 // CERT/CC: VU#405600 // JVNDB: JVNDB-2021-002297 // CNNVD: CNNVD-202108-836 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-36942

AFFECTED PRODUCTS

vendor:microsoftmodel:windows server 2016scope:ltversion:10.0.14393.4583

Trust: 1.0

vendor:microsoftmodel:windows server 2004scope:ltversion:10.0.19041.1165

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion:r2

Trust: 1.0

vendor:microsoftmodel:windows server 2019scope:ltversion:10.0.17763.2114

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 20h2scope:ltversion:10.0.19042.1165

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion:r2

Trust: 1.0

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 for 32-bit systems sp2

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2019

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2019scope:eqversion: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 r2 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 r2 for x64-based systems sp1

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2004 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2016scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 for 32-bit systems sp2 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 for x64-based systems sp2

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2016 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2012scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2019 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2019scope:eqversion:(server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012 r2

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:20h2 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2012

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 r2 for x64-based systems sp1 (server core installation)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2008scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2016

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows serverscope:eqversion:2008 for x64-based systems sp2 (server core installation)

Trust: 0.8

sources: JVNDB: JVNDB-2021-002297 // NVD: CVE-2021-36942

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2021-36942
value: HIGH

Trust: 1.0

secure@microsoft.com: CVE-2021-36942
value: HIGH

Trust: 1.0

NVD: CVE-2021-36942
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202108-836
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

VULMON: CVE-2021-36942
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2021-36942
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.9

NVD:
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

secure@microsoft.com:
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2021-36942
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2021-36942 // JVNDB: JVNDB-2021-002297 // CNNVD: CNNVD-202108-836 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-36942 // NVD: CVE-2021-36942

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:Avoid authentication by spoofing (CWE-290) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-002297 // NVD: CVE-2021-36942

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202108-836

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202108-836 // CNNVD: CNNVD-202104-975

CONFIGURATIONS

sources: NVD: CVE-2021-36942

PATCH

title:Windows LSA Spoofing Vulnerability Security Update Guideurl:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-36942

Trust: 0.8

title:Microsoft Windows Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=159231

Trust: 0.6

title:PetitPotamurl:https://github.com/ollypwn/petitpotam

Trust: 0.1

title:PetitPotam Fuzz modeurl:https://github.com/xiaolichan/petitpotam-v2

Trust: 0.1

title:PetitPotamurl:https://github.com/crisprss/petitpotam

Trust: 0.1

sources: VULMON: CVE-2021-36942 // JVNDB: JVNDB-2021-002297 // CNNVD: CNNVD-202108-836

EXTERNAL IDS

db:NVDid:CVE-2021-36942

Trust: 3.3

db:CERT/CCid:VU#405600

Trust: 2.4

db:JVNDBid:JVNDB-2021-002297

Trust: 0.8

db:CS-HELPid:SB2021081030

Trust: 0.6

db:CNNVDid:CNNVD-202108-836

Trust: 0.6

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:VULMONid:CVE-2021-36942

Trust: 0.1

sources: CERT/CC: VU#405600 // VULMON: CVE-2021-36942 // JVNDB: JVNDB-2021-002297 // CNNVD: CNNVD-202108-836 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-36942

REFERENCES

url:https://www.kb.cert.org/vuls/id/405600

Trust: 1.6

url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-36942

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-36942

Trust: 1.4

url:cve-2021-36942

Trust: 0.8

url:https://www.ipa.go.jp/security/ciadr/vul/20210811-ms.html

Trust: 0.8

url:https://www.jpcert.or.jp/at/2021/at210034.html

Trust: 0.8

url:https://vigilance.fr/vulnerability/microsoft-windows-vulnerabilities-of-august-2021-36114

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021081030

Trust: 0.6

url:https://msrc.microsoft.com/update-guide/vulnerability/cve-2021-36942

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

sources: CERT/CC: VU#405600 // JVNDB: JVNDB-2021-002297 // CNNVD: CNNVD-202108-836 // CNNVD: CNNVD-202104-975 // NVD: CVE-2021-36942

CREDITS

This document was written by Will Dormann.Statement Date:   July 26, 2021

Trust: 0.8

sources: CERT/CC: VU#405600

SOURCES

db:CERT/CCid:VU#405600
db:VULMONid:CVE-2021-36942
db:JVNDBid:JVNDB-2021-002297
db:CNNVDid:CNNVD-202108-836
db:CNNVDid:CNNVD-202104-975
db:NVDid:CVE-2021-36942

LAST UPDATE DATE

2024-07-28T22:43:29.219000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#405600date:2021-10-05T00:00:00
db:VULMONid:CVE-2021-36942date:2023-12-28T00:00:00
db:JVNDBid:JVNDB-2021-002297date:2021-08-26T03:05:00
db:CNNVDid:CNNVD-202108-836date:2022-04-02T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:NVDid:CVE-2021-36942date:2024-07-26T19:29:48.297

SOURCES RELEASE DATE

db:CERT/CCid:VU#405600date:2021-08-02T00:00:00
db:VULMONid:CVE-2021-36942date:2021-08-12T00:00:00
db:JVNDBid:JVNDB-2021-002297date:2021-08-26T00:00:00
db:CNNVDid:CNNVD-202108-836date:2021-08-10T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:NVDid:CVE-2021-36942date:2021-08-12T18:15:10