PT-2010-4661 · Microsoft · Windows Server 2008 R2+1

Published 2010-10-13 · Updated 2018-10-12 · CVE-2010-3223

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Microsoft Windows Server 2008 R2

Description

A tampering issue exists due to improper handling of permissions on shared cluster disks by the Failover Cluster Manager user interface. The Failover Cluster Manager uses unsecured default permissions when adding disks to a cluster, potentially providing unauthorized users with read/write/delete access to the administrative shares on the failover cluster disk. This allows remote attackers to read or modify data on these disks via requests to the associated share.

Recommendations

For Microsoft Windows Server 2008 R2, consider restricting access to the administrative shares on the failover cluster disk to minimize the risk of exploitation. As a temporary workaround, review and manually set proper permissions on new cluster disks that are shared as part of a failover cluster. Ensure that only authorized users have access to these shares.
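
The permission review described in the recommendations can be scripted. The PowerShell function below is an added example, not part of the original advisory or of vendor guidance; the function name `Get-BroadAce`, the set of groups treated as too broad and the placeholder path `X:\` are assumptions.

```powershell
# Added example: list Allow ACEs that grant broad groups access to a folder,
# such as the root of a cluster disk. Uses only Get-Acl, so it runs on PowerShell 2.0.
function Get-BroadAce {
    param([Parameter(Mandatory = $true)][string[]]$Path)

    # Assumption: these well-known SIDs are the groups treated as "too broad".
    $broadSids = @{
        'S-1-1-0'      = 'Everyone'
        'S-1-5-11'     = 'Authenticated Users'
        'S-1-5-32-545' = 'BUILTIN\Users'
    }

    # Bits that allow changing or deleting data, plus GENERIC_WRITE (0x40000000)
    # and GENERIC_ALL (0x10000000), which can appear in inherit-only ACEs.
    $named = [System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
    $modifyMask = ([int]$named) -bor 0x50000000

    # Ask for SIDs rather than names so the match does not depend on locale.
    $sidType = [System.Security.Principal.SecurityIdentifier]

    foreach ($p in $Path) {
        $acl = Get-Acl -Path $p
        foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
            $sid = $ace.IdentityReference.Value
            if ($ace.AccessControlType -ne 'Allow' -or -not $broadSids.ContainsKey($sid)) {
                continue
            }
            # One row per broad ACE; CanModify marks write/delete-capable entries.
            New-Object PSObject -Property @{
                Path      = $p
                Principal = $broadSids[$sid]
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
                CanModify = ((([int]$ace.FileSystemRights) -band $modifyMask) -ne 0)
            }
        }
    }
}

# Usage (X:\ is a placeholder for the cluster disk's mount point):
# Get-BroadAce -Path 'X:\' | Format-Table -AutoSize
```

An empty result means none of the listed groups holds an Allow entry on the path; any row with `CanModify` set to `True` is an entry to tighten so that only authorized users keep access.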

Fix


Weakness Enumeration

Related Identifiers

CVE-2010-3223

Affected Products

Windows Server 2008 R2
Windows