Details of VAR-202111-0660

ID

VAR-202111-0660

CVE

CVE-2021-42278

TITLE

Microsoft Windows Server Elevated Privileges in

Trust: 0.8

sources: JVNDB: JVNDB-2021-004143

DESCRIPTION

Active Directory Domain Services Elevation of Privilege Vulnerability. This vulnerability is CVE-2021-42282 , CVE-2021-42287 , CVE-2021-42291 Is a different vulnerability.You may be elevated. Microsoft Windows Active Directory是美国微软（Microsoft）公司的一个负责架构中大型网络环境的集中式目录管理服务。存储有关网络上对象的信息，并使管理员和用户可以轻松查找和使用这些信息. Microsoft Windows Active Directory存在权限许可和访问控制问题漏洞。以下产品和版本受到影响：Windows Server 2012 R2 (Server Core installation),Windows Server 2019,Windows Server 2019 (Server Core installation),Windows Server 2022,Windows Server 2022 (Server Core installation),Windows Server, version 2004 (Server Core installation),Windows Server, version 20H2 (Server Core Installation),Windows Server 2016,Windows Server 2016 (Server Core installation),Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2

Trust: 2.25

sources: NVD: CVE-2021-42278 // JVNDB: JVNDB-2021-004143 // CNNVD: CNNVD-202111-797 // VULMON: CVE-2021-42278

AFFECTED PRODUCTS

vendor:	microsoft	model:	windows server 2004	scope:	lt	version:	10.0.19041.1348	Trust: 1.0
vendor:	microsoft	model:	windows server 2016	scope:	lt	version:	10.0.14393.4770	Trust: 1.0
vendor:	microsoft	model:	windows server 20h2	scope:	lt	version:	10.0.19042.1348	Trust: 1.0
vendor:	microsoft	model:	windows server 2019	scope:	lt	version:	10.0.17763.2300	Trust: 1.0
vendor:	microsoft	model:	windows server 2012	scope:	eq	version:	r2	Trust: 1.0
vendor:	microsoft	model:	windows server 2008	scope:	eq	version:	r2	Trust: 1.0
vendor:	microsoft	model:	windows server 2008	scope:	eq	version:	-	Trust: 1.0
vendor:	microsoft	model:	windows server 2022	scope:	lt	version:	10.0.20348.350	Trust: 1.0
vendor:	microsoft	model:	windows server 2012	scope:	eq	version:	-	Trust: 1.0
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2004 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server 2016	scope:	-	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2012	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2012 r2 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2016	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server 2019	scope:	-	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2022	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2016 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2008 for x64-based systems sp2 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2019 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server 2022	scope:	eq	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2008 for 32-bit systems sp2	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server 2008	scope:	-	version:	-	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2012 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2008 for 32-bit systems sp2 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2008 r2 for x64-based systems sp1 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server 2022	scope:	eq	version:	(server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2012 r2	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2022 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	20h2 (server core installation)	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2019	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2008 for x64-based systems sp2	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server	scope:	eq	version:	2008 r2 for x64-based systems sp1	Trust: 0.8
vendor:	マイクロソフト	model:	microsoft windows server 2012	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-004143 // NVD: CVE-2021-42278

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2021-42278
value:	HIGH
Trust: 1.8
secure@microsoft.com:	CVE-2021-42278
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-202111-797
value:	HIGH
Trust: 0.6
VULMON:	CVE-2021-42278
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2021-42278
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.9

NVD:
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	5.9
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2021-004143
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2021-42278 // JVNDB: JVNDB-2021-004143 // CNNVD: CNNVD-202111-797 // NVD: CVE-2021-42278 // NVD: CVE-2021-42278

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-004143 // NVD: CVE-2021-42278

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202111-797

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-202111-797

CONFIGURATIONS

sources: NVD: CVE-2021-42278

PATCH

title:	Active Directory Domain Services Elevation of Privilege Vulnerability Security Update Guide	url:	https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-42278	Trust: 0.8
title:	Microsoft Windows Active Directory Fixes for permissions and access control issues vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=169140	Trust: 0.6
title:	Introduction Getting started How LDAP Firewall works Can I contribute? We would love to hear from you! License information	url:	https://github.com/mre-fog/ldapfw	Trust: 0.1
title:	Windows Privilege Escalation Cheatsheet	url:	https://github.com/edsonjt81/windows-privilege-escalation	Trust: 0.1
title:	Invoke-sAMSpoofing	url:	https://github.com/xiaolichan/invoke-samspoofing	Trust: 0.1
title:	Introduction Getting started How LDAP Firewall works Can I contribute? We would love to hear from you! License information	url:	https://github.com/zeronetworks/ldapfw	Trust: 0.1
title:	Windows Privilege Escalation Cheatsheet Follow us on	url:	https://github.com/racho-prg/windows_escalada_privilegios	Trust: 0.1
title:	Windows Privilege Escalation Cheatsheet Follow us on	url:	https://github.com/ignitetechnologies/windows-privilege-escalation	Trust: 0.1
title:	Windows Privilege Escalation Cheatsheet Follow us on	url:	https://github.com/whoami-chmod777/hacking-articles-windows-privilege-escalation	Trust: 0.1
title:	Windows Privilege Escalation Cheatsheet Follow us on	url:	https://github.com/nxpnch/windows-privesc	Trust: 0.1
title:	sAMAccountName-Spoofing	url:	https://github.com/iaminzoho/samaccountname-spoofing	Trust: 0.1
title:	noPac	url:	https://github.com/cyb3rpeace/nopac	Trust: 0.1
title:	Invoke-noPac	url:	https://github.com/ricardojba/invoke-nopac	Trust: 0.1
title:	-	url:	https://github.com/shengshengli/getdomainadmin	Trust: 0.1

sources: VULMON: CVE-2021-42278 // JVNDB: JVNDB-2021-004143 // CNNVD: CNNVD-202111-797

EXTERNAL IDS

db:	NVD	id:	CVE-2021-42278	Trust: 3.3
db:	JVNDB	id:	JVNDB-2021-004143	Trust: 0.8
db:	CS-HELP	id:	SB2021110914	Trust: 0.6
db:	CNNVD	id:	CNNVD-202111-797	Trust: 0.6
db:	VULMON	id:	CVE-2021-42278	Trust: 0.1

sources: VULMON: CVE-2021-42278 // JVNDB: JVNDB-2021-004143 // CNNVD: CNNVD-202111-797 // NVD: CVE-2021-42278

REFERENCES

url:	https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-42278	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-42278	Trust: 0.8
url:	https://www.ipa.go.jp/security/ciadr/vul/20211110-ms.html	Trust: 0.8
url:	https://www.jpcert.or.jp/at/2021/at210048.html	Trust: 0.8
url:	https://cisa.gov/known-exploited-vulnerabilities-catalog	Trust: 0.8
url:	https://vigilance.fr/vulnerability/windows-vulnerabilities-of-november-2021-36842	Trust: 0.6
url:	https://msrc.microsoft.com/update-guide/vulnerability/cve-2021-42278	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021110914	Trust: 0.6

sources: JVNDB: JVNDB-2021-004143 // CNNVD: CNNVD-202111-797 // NVD: CVE-2021-42278

CREDITS

Catalyst IT and Samba Team

Trust: 0.6

sources: CNNVD: CNNVD-202111-797

SOURCES

db:	VULMON	id:	CVE-2021-42278
db:	JVNDB	id:	JVNDB-2021-004143
db:	CNNVD	id:	CNNVD-202111-797
db:	NVD	id:	CVE-2021-42278

LAST UPDATE DATE

2024-07-09T02:45:43.076000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2021-42278	date:	2023-12-28T00:00:00
db:	JVNDB	id:	JVNDB-2021-004143	date:	2024-07-08T06:17:00
db:	CNNVD	id:	CNNVD-202111-797	date:	2021-11-15T00:00:00
db:	NVD	id:	CVE-2021-42278	date:	2024-07-03T13:33:20.297

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2021-42278	date:	2021-11-10T00:00:00
db:	JVNDB	id:	JVNDB-2021-004143	date:	2021-11-15T00:00:00
db:	CNNVD	id:	CNNVD-202111-797	date:	2021-11-09T00:00:00
db:	NVD	id:	CVE-2021-42278	date:	2021-11-10T01:19:44.300