Statements (23)
Predicate | Object |
---|---|
gptkbp:instanceOf |
gptkb:security
|
gptkbp:access |
false
|
gptkbp:affects |
gptkb:Windows_Server
Microsoft Netlogon Remote Protocol (MS-NRPC) |
gptkbp:allows |
privilege escalation
domain controller compromise |
gptkbp:CVSSv3_score |
10.0
|
gptkbp:discoveredBy |
gptkb:Secura
|
gptkbp:discoveredIn |
2020
|
gptkbp:exploitAvailability |
public exploit code available
|
gptkbp:exploits |
true
Zerologon exploit tool |
gptkbp:hasCWE |
gptkb:CWE-287
|
https://www.w3.org/2000/01/rdf-schema#label |
Zerologon (CVE-2020-1472)
|
gptkbp:impact |
full domain takeover
|
gptkbp:patchedBy |
Microsoft security update (August 2020)
|
gptkbp:relatedTo |
gptkb:Active_Directory
|
gptkbp:vectorFor |
gptkb:network_protocol
|
gptkbp:vulnerableTo |
authentication bypass
cryptographic flaw CVE-2020-1472 |
gptkbp:bfsParent |
gptkb:Netlogon_service
|
gptkbp:bfsLayer |
7
|