Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-42278: Active Directory Domain Services Elevation of Privilege Vulnerability

Where can I find more information about Active Directory SAM Account hardening changes?

See Active Directory SAM Account hardening changes.

Microsoft Security Response Center
#Windows Active Directory#Security Vulnerability#vulnerability

Related news

CVE-2021-42002: ADManager Plus's Release Notes For Highlights and Information about the Latest Release - Windows Active Directory and Exchange Management, Reporting, Delegation, Automation Tool

Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.

CVE-2021-41833

Zoho ManageEngine Patch Connect Plus before 90099 is vulnerable to unauthenticated remote code execution.

CVE-2021-38665: Remote Desktop Protocol Client Information Disclosure Vulnerability

*What type of information could be disclosed by this vulnerability?* Exploiting this vulnerability could allow the disclosure of initialized and/or uninitialized memory in the process heap.

CVE-2021-42291: Active Directory Domain Services Elevation of Privilege Vulnerability

*Where can I find more information about Active Directory permissions updates?* See Active Directory permissions updates.

CVE-2021-42287: Active Directory Domain Services Elevation of Privilege Vulnerability

*Where can I find more information about the improved authentication process added by the update for CVE-2021-42287?* See Authentication updates.

CVE-2021-42321: Microsoft Exchange Server Remote Code Execution Vulnerability

*What can cause this vulnerability?* The vulnerability occurs due to improper validation of cmdlet arguments. *Does the attacker need to be in an authenticated role in the Exchange Server?* Yes, the attacker must be authenticated.

CVE-2020-12082: CVE-2020-12082 Remediated in Code Insight

A stored cross-site scripting issue impacts certain areas of the Web UI for Code Insight v7.x releases up to and including 2020 R1 (7.11.0-64).

CVE-2020-12083: CVE-2020-12083 Remediated in Code Insight

An elevated privileges issue related to Spring MVC calls impacts Code Insight v7.x releases up to and including 2020 R1 (7.11.0-64).