PT-2020-3913 · Microsoft · Windows Active Directory Integrated Dns+1
Published
2020-09-08
·
Updated
2023-12-31
·
CVE-2020-0664
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Windows Active Directory integrated DNS (ADIDNS) (affected versions not specified)
Description:
An information disclosure issue exists due to the mishandling of objects in memory by Active Directory integrated DNS (ADIDNS). This allows an authenticated attacker to read sensitive information about the target system by sending a specially crafted request to the AD|DNS service. The vulnerability itself is not sufficient to compromise a system but could be combined with other vulnerabilities for further exploitation.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows Active Directory Integrated Dns