vulnerability
Microsoft ADV210003: Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Jul 23, 2021 | Aug 4, 2021 | Jan 18, 2023 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Jul 23, 2021
Added
Aug 4, 2021
Modified
Jan 18, 2023
Description
Microsoft is aware of PetitPotam which can potentially be used in an attack on Windows domain controllers or other Windows servers. PetitPotam is a classic NTLM Relay Attack, and such attacks have been previously documented by Microsoft along with numerous mitigation options to protect customers.
Solution
msft-adv210003-enable_epa_and_smb_signing
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.