Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2019-0683

Published

5 years ago

Last Modified

3 years ago

CVSSv2.0 Severity

Medium

CVSSv3.1 Severity

Medium

Impact Analysis

An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'..

CVSSv2.0 Score

Severity: Medium
Base Score: 4.3/10
Exploit Score: 8.6/10
Access Vector: Network
Access Complexity: Medium
Authentication Required: None
Impact Score: 2.9/10
Confidentiality Impact: None
Availability Impact: None
Integrity Impact: Partial

CVSSv3.1 Score

Severity: Medium
Base Score: 5.9/10
Exploit Score: 2.2/10
Access Vector: Network
Access Complexity: High
Privileges Required: None
Impact Score: 3.6/10
Confidentiality Impact: None
Availability Impact: None
Integrity Impact: High
Scope: Unchanged
User Interaction: None

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:*	Yes	-	-
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::itani	Yes	-	-
cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::	Yes	-	-
cpe:2.3:o:microsoft:windows_7:-:sp1::::::	Yes	-	-

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0683