PT-2020-3920 · Microsoft · Active Directory Integrated Dns+1

Published

2020-08-09

Updated

2023-12-31

CVE-2020-0856

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Active Directory integrated DNS (ADIDNS) (affected versions not specified)

Description: An information disclosure issue exists due to the mishandling of objects in memory by Active Directory integrated DNS (ADIDNS). This could allow an authenticated attacker to read sensitive information about the target system by sending a specially crafted request to the AD|DNS service. The vulnerability itself is not sufficient to compromise a system but could be combined with other vulnerabilities for further exploitation.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2020-04313

CVE-2020-0856

Affected Products

Active Directory Integrated Dns

Windows

PT-2020-3920 · Microsoft · Active Directory Integrated Dns+1

CVE-2020-0856

Weakness Enumeration

Related Identifiers

Affected Products

References · 6