Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:security
|
| gptkbp:access |
false
|
| gptkbp:affects |
gptkb:Windows_Server
Microsoft Netlogon Remote Protocol (MS-NRPC) |
| gptkbp:allows |
privilege escalation
domain controller compromise |
| gptkbp:CVSSv3_score |
10.0
|
| gptkbp:discoveredBy |
gptkb:Secura
|
| gptkbp:discoveredIn |
2020
|
| gptkbp:exploitAvailability |
public exploit code available
|
| gptkbp:exploits |
true
Zerologon exploit tool |
| gptkbp:hasCWE |
gptkb:CWE-287
|
| https://www.w3.org/2000/01/rdf-schema#label |
Zerologon (CVE-2020-1472)
|
| gptkbp:impact |
full domain takeover
|
| gptkbp:patchedBy |
Microsoft security update (August 2020)
|
| gptkbp:relatedTo |
gptkb:Active_Directory
|
| gptkbp:vectorFor |
gptkb:network_protocol
|
| gptkbp:vulnerableTo |
authentication bypass
cryptographic flaw CVE-2020-1472 |
| gptkbp:bfsParent |
gptkb:Netlogon_service
|
| gptkbp:bfsLayer |
7
|