
CVE-2020-17049

Published: 11/11/2020 Updated: 23/11/2020
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

Microsoft Windows could allow a remote, authenticated malicious user to bypass security restrictions. An attacker could exploit this vulnerability to bypass a Kerberos security feature, with impact on confidentiality, integrity, and availability.

Vulnerability Trend

Vulnerable Products

microsoft windows server 2012

microsoft windows server 2012 r2

microsoft windows server 2016 -

microsoft windows server 2016 20h2

microsoft windows server 2016 1903

microsoft windows server 2016 1909

microsoft windows server 2016 2004

microsoft windows server 2019 -

Recent Articles

Microsoft fixes Windows 10 BSOD crashes caused by NVMe SSDs
BleepingComputer • Sergiu Gatlan • 01 Dec 2020

Microsoft has fixed a known issue causing Windows 10 blue screens of death (BSOD) crashes when users plugged in a Thunderbolt NVMe (Non-Volatile Memory Express) Solid State Drive (SSD).
To be impacted by this known issue, a Windows 10 device would have to feature at least one Thunderbolt NVMe SSD and one Thunderbolt port.
Affected Windows 10 devices would also display a "DRIVER_VERIFIER_DMA_VIOLATION (e6). An illegal DMA operation was attempted by a driver being verified." stop error.

Microsoft releases patching guidance for Kerberos security bug
BleepingComputer • Sergiu Gatlan • 20 Nov 2020

Microsoft has released additional details on how to fully mitigate a security feature bypass vulnerability in Kerberos KDC (Key Distribution Center) patched during this month's Patch Tuesday.
The remotely exploitable security bug tracked as CVE-2020-17049 exists in the way KDC decides if service tickets can be used for delegation via Kerberos Constrained Delegation (KCD).
Kerberos is the
for domain connected devices running Windows 2000 or later. Kerberos KDC is a feature tha...

Windows Kerberos authentication breaks due to security updates
BleepingComputer • Sergiu Gatlan • 16 Nov 2020

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos authentication problems after installing security updates released to address CVE-2020-17049 during this month's Patch Tuesday, on November 10.
Kerberos replaced the NTLM protocol to be the
for domain connected devices on all Windows versions above Windows 2000.
Authentication protocols
of users, computers, and services, making it possible for authorized services ...

Microsoft fixes Windows Kerberos authentication issues in OOB update
BleepingComputer • Sergiu Gatlan

Microsoft has released out-of-band optional updates to fix a known issue that causes Kerberos authentication problems on enterprise domain controllers after installing security updates released earlier this month to address CVE-2020-17049.
CVE-2020-17049 is a remotely exploitable Kerberos Constrained Delegation (KCD) security feature bypass security bug that exists in the way KDC determines if service tickets can be used for delegation.
Kerberos replaced the NTLM protocol as the
for domain...