Security
Headlines
HeadlinesLatestCVEs

Tag

#Active Directory Domain Services

CVE-2023-36722: Active Directory Domain Services Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.

Microsoft Security Response Center
#vulnerability#Active Directory Domain Services#Security Vulnerability
CVE-2022-38042: Active Directory Domain Services Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component.

CVE-2022-34691: Active Directory Domain Services Elevation of Privilege Vulnerability

**How could an attacker exploit this vulnerability?** An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to System.

CVE-2022-26817: Windows DNS Server Remote Code Execution Vulnerability

**Why is Attack Complexity marked as High for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

CVE-2022-26814: Windows DNS Server Remote Code Execution Vulnerability

**Why is Attack Complexity marked as High for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

CVE-2022-26817: Windows DNS Server Remote Code Execution Vulnerability

**Why is Attack Complexity marked as High for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

CVE-2022-26814: Windows DNS Server Remote Code Execution Vulnerability

**Why is Attack Complexity marked as High for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.