NetLogon Security Feature Bypass Vulnerability - CVE-2019-1424ID: oval:org.secpod.oval:def:59681 | Date: (C)2019-11-14 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability could downgrade aspects of the connection allowing for further modification of the transmission.To exploit the vulnerability, an attacker would require an active man in the middle attack to be in place for the targeted traffic.The update addresses the vulnerability by modifying how Netlogon handles these connections, accounting for potential attack through a man in the middle.
Platform: |
Microsoft Windows Server |
Microsoft Windows 10 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |