Overview
- Description
- Windows LSA Spoofing Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:N
Known exploits
Data from CISA
- Vulnerability name
- Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability
- Exploit added on
- Nov 3, 2021
- Exploit action due
- Nov 17, 2021
- Required action
- Apply updates per vendor instructions.
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C90BEC5F-E0A8-43C5-BB0D-251D19BFD66B",
"versionEndExcluding": "10.0.19041.1165"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11769DC8-BD9F-4526-8B53-5380327930FB",
"versionEndExcluding": "10.0.14393.4583"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61219C24-A1AE-427F-BBF8-A984BCB1CA6F",
"versionEndExcluding": "10.0.17763.2114"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45A85E4C-6C7A-4B72-832D-AC12A78565C3",
"versionEndExcluding": "10.0.19042.1165"
}
],
"operator": "OR"
}
]
}
]