Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.9
CVSSv3

CVE-2019-0683

Published: 09/04/2019 Updated: 24/08/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 387
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Windows Server 2008

Vulnerability Summary

An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2008 -

microsoft windows server 2008 r2

microsoft windows 7 -

Recent Articles

Microsoft Patch Tuesday – March 2019
Symantec Threat Intelligence Blog • Ratheesh PM • 13 Mar 2024

This month the vendor has patched 64 vulnerabilities, 17 of which are rated Critical.

Posted: 13 Mar, 201920 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – March 2019This month the vendor has patched 64 vulnerabilities, 17 of which are rated Critical.As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required while still maintaining functionality. Avoid handlin...

Read more...
Microsoft changes DHCP to 'Dammit! Hacked! Compromised! Pwned!' Big bunch of security fixes land for Windows
The Register • Shaun Nichols in San Francisco • 12 Mar 2019

DHCP client has trio of remote-code exec vulns – plus SAP, Adobe issue updates

Patch Tuesday It's the second Tuesday of the month, and you know what that means: a fresh dump of security fixes from Microsoft, Adobe and others. The March edition of Patch Tuesday includes fixes for 64 CVE-listed vulnerabilities, while Adobe addressed a pair of bugs in Photoshop and Digital Editions. Even SAP has got in on the game. You should review the updates, test them if necessary or able to, and install them as soon as possible, to avoid running into miscreants exploiting them to comprom...

Read more...

References

CWE-276https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0683https://nvd.nist.govhttps://www.theregister.co.uk/2019/03/12/march_patch_tuesday_dhcp/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook