6.5
CVSSv2

CVE-2021-42287

Published: 10/11/2021 Updated: 13/11/2021
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2004

microsoft windows server 2008 -

microsoft windows server 2008 r2

microsoft windows server 2012 -

microsoft windows server 2012 r2

microsoft windows server 2016 -

microsoft windows server 2019 -

microsoft windows server 2022

Github Repositories

Invoke-noPac Assembly loader of the CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter (githubcom/cube0x0/noPac) PowerSharpPack (githubcom/S3cur3Th1sSh1t/PowerSharpPack) style

Pachine Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation) Installtion $ pip3 install impacket Usage Impacket v0923 - Copyright 2021 SecureAuth Corporation usage: pachinepy [-h] [-scan] [-spn SPN] [-impersonate IMPERSONATE] [-domain-netbios NETBIOSNAME] [-computer-name NEW-COMPUTER-NAME$] [-computer-pass

noPac Exploiting CVE-2021-42278 and CVE-2021-42287

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Known issues it will not work outside kali , i will update it later on :) Check out CVE-2021-42287/CVE-2021-42278 Weaponisation sAMAccountName spoofing

Hi there Check out what I'm currently working on My recent Pull Requests Recent Stars cube0x0/noPac - CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter (today) inconvergent/weird - Generative art in Common Lisp (6 days ago) google/budoux - (1 week ago) ming1016/SwiftPamphletApp - 戴铭的 Swift 小册子,一本活的 Swift 手册 (1 week ago) rentruewang/

About Detection script for CVE-2021-42278 and CVE-2021-42287 Usage The detection script uses the domain account credentials to determine the possibility of the vulnerabilities usage: noPac-detectionpy [-h] [-debug] -dc-ip <IP address> -targetUser <Target Username> credentials optional arguments: -h, --help show this help message and

About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin Usage SAM THE ADMIN CVE-2021-42278 + CVE-2021-42287 chain positional arguments: [domain/]username[:password] Account used to authenticate to DC optional arguments: -h, --help show this help message and exit --impe

Hi there Check out what I'm currently working on My recent Pull Requests Recent Stars cube0x0/noPac - CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter (today) nolanlawson/fuite - A tool for finding memory leaks in web apps (1 day ago) skydoves/android-developer-roadmap - Android Developer Roadmap 2022 suggests learning paths to understanding Android develop

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Known issues it will not work outside kali , i will update it later on :) Check out CVE-2021-42287/CVE-2021-42278 Weaponisation sAMAccountName spoofing

noPac CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter Yet another low effort domain user to domain admin exploit If a Domain Controller is vulnerable it will return a TGT without a PAC, all eyes on small size tickets Mitigation Patch your Domain Controllers! Credits Charlie Clark for his Rubeus fork and Kevin Robertson for SharpMad

New Open Source Projects Table of Contents 2021: Week 50 (2021/12/13-2021/12/19) 2021: Week 49 (2021/12/06-2021/12/12) 2021: Week 48 (2021/11/29-2021/12/05) 2021: Week 50 (2021/12/13-2021/12/19) Log4j Scan - A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 Log4j Affected Db - A community sourced list of log4j-affected software Ambiguous

This work includes testing and improvement tools for CVE-2021-44228(log4j) Title: log4j-patcher Description: Java Agent that disables Apache Log4J's JNDI Lookup Quick-fix for CVE-2021-44228 Url: githubcom/alerithe/log4j-patcher Title: log4j-shell-poc Description: A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability Url: githubco

New Open Source Projects Table of Contents 2021: Week 50 (2021/12/13-2021/12/19) 2021: Week 49 (2021/12/06-2021/12/12) 2021: Week 48 (2021/11/29-2021/12/05) 2021: Week 50 (2021/12/13-2021/12/19) Log4j Scan - A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 Log4j Affected Db - A community sourced list of log4j-affected software Ambiguous

Recent Articles

Two Active Directory Bugs Lead to Easy Windows Domain Takeover
Threatpost • Lisa Vaas • 21 Dec 2021

A proof-of-concept tool has been published that leverages two Windows Active Directory bugs fixed last month that, when chained, can allow easy Windows domain takeover.
In a Monday alert, Microsoft urged organizations to immediately patch the pair of bugs, tracked as CVE-2021-42287 and CVE-2021-42278, both of which were fixed in its November 2021 Patch Tuesday release.
Both vulnerabilities are described as a “Windows Active Directory domain service privilege-escalation” bugs and ...