← voltar
CVE-2019-0972

Local Security Authority Subsystem Service Denial of Service Vulnerability

CVSS 6.5 MEDIUMEPSS 5.8%
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.5EPSS 5.8%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
12 jun 2019Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:R