PT-2018-9127 · Microsoft · Active Directory+3

Published

2018-04-10

Updated

2019-10-03

CVE-2018-0890

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Windows Server 2016 Windows 10 Windows 10 Servers

Description: A security feature bypass issue exists due to incorrect application of Network Isolation settings in Active Directory. This allows attackers to affect the system. No information is available on the estimated number of potentially affected devices or real-world incidents.

Recommendations: For Windows Server 2016, update the system to apply the correct Network Isolation settings. For Windows 10, apply the necessary configuration changes to correctly implement Network Isolation settings. For Windows 10 Servers, ensure that the Active Directory settings are properly configured to prevent the bypass of security features.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-0890

Affected Products

Active Directory

Windows

Windows 10

Windows Server 2016

PT-2018-9127 · Microsoft · Active Directory+3

CVE-2018-0890

Related Identifiers

Affected Products

References · 7