admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2020/17xxx/CVE-2020-17049.json

276 lines
13 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2020-08-04 21:03:04 +00:00
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"data_version": "4.0",
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-17049",
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"ASSIGNER": "secure@microsoft.com",
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
"STATE": "PUBLIC"
},
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"description": {
"description_data": [
{
"lang": "eng",
"value": "<p>A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD).</p>\n<p>To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it.</p>\n<p>The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD.</p>\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Feature Bypass"
}
]
}
]
},
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
"affects": {
"vendor": {
"vendor_data": [
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"vendor_name": "Microsoft",
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
"product": {
"product_data": [
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"product_name": "Windows Server 2019",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.17763.2061"
}
]
}
},
{
"product_name": "Windows Server 2019 (Server Core installation)",
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
"version": {
"version_data": [
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.17763.2061"
}
]
}
},
{
"product_name": "Windows Server, version 1909 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Windows Server, version 1903 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Windows Server version 2004",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.19041.1110"
}
]
}
},
{
"product_name": "Windows Server 2016",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.14393.4530"
}
]
}
},
{
"product_name": "Windows Server 2016 (Server Core installation)",
"version": {
"version_data": [
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.14393.4530"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.6003.21167"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"version": {
"version_data": [
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.6003.21167"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.6003.21167"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1",
"version": {
"version_data": [
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "6.1.0",
"version_value": "6.1.7601.25661"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"version": {
"version_data": [
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.1.7601.25661"
}
]
}
},
{
"product_name": "Windows Server 2012",
"version": {
"version_data": [
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "6.2.0",
"version_value": "6.2.9200.23409"
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
}
]
}
},
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"product_name": "Windows Server 2012 (Server Core installation)",
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
"version": {
"version_data": [
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "6.2.0",
"version_value": "6.2.9200.23409"
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
}
]
}
},
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"product_name": "Windows Server 2012 R2",
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
"version": {
"version_data": [
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "6.3.0",
"version_value": "6.3.9600.20069"
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
}
]
}
},
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"product_name": "Windows Server 2012 R2 (Server Core installation)",
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
"version": {
"version_data": [
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "6.3.0",
"version_value": "6.3.9600.20069"
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
}
]
}
},
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"product_name": "Windows Server version 20H2",
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
"version": {
"version_data": [
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"version_affected": "<",
"version_name": "10.0.0",
"version_value": "10.0.19041.1110"
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
}
]
}
}
]
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
}
November 2020 Patch Tuesday
2020-11-10 21:25:57 -08:00
}
Resolved aka artifact in description
2020-11-12 09:31:26 -08:00
]
}
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049"
"-Synchronized-Data."
2021-11-10 16:00:58 +00:00
},
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"url": "http://www.openwall.com/lists/oss-security/2021/11/10/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/11/10/3"
"-Synchronized-Data."
2023-09-17 09:00:34 +00:00
},
{
"-Synchronized-Data."
2023-12-31 19:01:09 +00:00
"url": "https://security.gentoo.org/glsa/202309-06",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202309-06"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "MEDIUM",
"baseScore": 6.6,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"
"-Synchronized-Data."
2020-11-12 20:03:41 +00:00
}
]
}
}
Reference in New Issue Copy Permalink