CVE-2019-1019

Sažetak

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access another machine using the original user privileges. The issue has been addressed by changing how NTLM validates network authentication messages.

Reference

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1019
http://packetstormsecurity.com/files/153639/Microsoft-Windows-HTTP-To-SMB-NTLM-Reflection-Privilege-Escalation.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1019

CVSS

Base:	6.0
Impact:	6.4
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

20-05-2025 - 18:15

Objavljeno

12-06-2019 - 14:29