Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-1384: Microsoft Windows Security Feature Bypass Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2019-1384: Microsoft Windows Security Feature Bypass Vulnerability

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

11/12/2019

Created

11/13/2019

Added

11/12/2019

Modified

11/18/2021

Description

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access another machine using the original user privileges. The issue has been addressed by changing how NTLM validates network authentication messages.

Solution(s)

msft-kb4523205-08d9ac19-de85-40b7-98f7-8c54091494c1
msft-kb4523205-61118c04-b0ba-49af-82b7-05cb038923fb
msft-kb4523205-c0e9628c-ad49-4a51-84c0-2e18951adb68
msft-kb4524570-29c1ec74-1dd6-400c-a4fe-28af68ababa8
msft-kb4524570-537f6d1a-6a65-43a7-8f77-e2ece9811d47
msft-kb4524570-92bf4fc2-1423-4d57-b6e6-109109dab39b
msft-kb4524570-a464324d-52ab-4b91-b5eb-15b5e8dfaa70
msft-kb4524570-bb3f5eb0-a6b4-429a-83b7-5c9ae5a5eefc
msft-kb4524570-ce36ff81-c1f3-4022-ae29-980d7649600a
msft-kb4525232-0b8dcdd1-a180-4e2e-b4eb-66374803c0b3
msft-kb4525232-91ccde2b-6718-4599-9726-e74786129012
msft-kb4525233-34a5a286-7aae-469a-b1ac-0dbd98b48c9c
msft-kb4525233-357b9972-1dd5-46b6-b9fe-673f633e8a66
msft-kb4525233-3afe4f42-95e2-4768-af34-961a45c232a5
msft-kb4525233-676c08bf-e63d-48fe-b1f2-72b66ff22d0a
msft-kb4525233-682289d3-16c4-4e74-8f67-749cc358025c
msft-kb4525233-a9622cac-8e55-4fd3-bc1c-715655fde5a5
msft-kb4525236-36511ef0-14b8-4883-a0bc-49c047981b50
msft-kb4525236-40726976-3112-4667-aa22-4e882e8b635a
msft-kb4525236-f6b77fe9-194d-4905-a0db-1fe77b95ca36
msft-kb4525237-57a23bad-45b7-4713-b02b-e56d08a2a792
msft-kb4525237-595c5dcb-7b6d-47ab-990b-062c0f566c14
msft-kb4525237-79db43fa-b958-4e04-8146-2b589c3fb50a
msft-kb4525239-5d291263-6be8-4c4c-b375-01b786fc7181
msft-kb4525239-abb20615-fb10-4359-9dea-631b15cabb37
msft-kb4525239-d1be2ef4-66c3-414f-a06a-10323a6a6225
msft-kb4525241-394083ef-f78c-4b44-b085-b2252be4f21e
msft-kb4525241-8415f42c-519b-4c6a-af5c-5d0c9a0f90c7
msft-kb4525250-39712f55-86cb-4200-9005-8d57cd91032e
msft-kb4525250-a30c9519-8359-48e1-86d4-38791ad95200
msft-kb4525250-c95046b7-a6dd-4d23-9b73-68722b2533f4
msft-kb4525253-9cf980a2-7b40-426a-8253-4aca7b538ef6
msft-kb4525253-b11910e5-0a1d-4bdd-b307-3a56d5e3f1ee
msft-kb4525253-daab0091-1e65-4624-b280-015c007f30c1

References

https://attackerkb.com/topics/cve-2019-1384
CVE - 2019-1384
4523205
4524570
4525232
4525233
4525234
4525235
4525236
4525237
4525239
4525241
4525243
4525246
4525250
4525253

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-1384: Microsoft Windows Security Feature Bypass Vulnerability

Microsoft CVE-2019-1384: Microsoft Windows Security Feature Bypass Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.