CVE-2019-0683
Description
An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka Active Directory Elevation of Privilege Vulnerability.
Risk Information
Base Score
5.9
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
4.281
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Windows Kernel Information Disclosure Vulnerability for Windows Server 2008 for x64-based Systems (KB4489876) | Windows |
| Windows Kernel Information Disclosure Vulnerability for Windows Server 2008 for x86-based Systems (KB4489876) | Windows |
| HID Information Disclosure Vulnerability for Windows Server 2008 for x64-based Systems (KB4489880) | Windows |
| HID Information Disclosure Vulnerability for Windows Server 2008 for x86-based Systems (KB4489880) | Windows |
| Windows Kernel Information Disclosure Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB4489885) | Windows |
| Windows Kernel Information Disclosure Vulnerability for Windows 7 for x86-based Systems (KB4489885) | Windows |
| Windows Kernel Information Disclosure Vulnerability for Windows 7 for x64-based Systems (KB4489885) | Windows |
| HID Information Disclosure Vulnerability for Windows 7 for x86-based Systems (KB4489878) | Windows |
| HID Information Disclosure Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB4489878) | Windows |
| HID Information Disclosure Vulnerability for Windows 7 for x64-based Systems (KB4489878) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB4499151) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 8.1 for x64-based Systems (KB4499151) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 8.1 for x86-based Systems (KB4499151) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1709 for x86-based Systems (KB4499179) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1709 for x64-based Systems (KB4499179) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB4499167) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4499167) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4499167) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB4499175) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 7 for x86-based Systems (KB4499175) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 7 for x64-based Systems (KB4499175) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB4499164) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 7 for x86-based Systems (KB4499164) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 7 for x64-based Systems (KB4499164) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4494440) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows Server 2016 for x64-based Systems (KB4494440) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4494440) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4499181) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4499181) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x86-based Systems (KB4494441) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB4494441) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows Server 2019 for x64-based Systems (KB4494441) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1507 for x64-based Systems (KB4499154) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1507 for x86-based Systems (KB4499154) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows Server 2012 for x64-based Systems (KB4499171) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1903 for x86-based Systems (KB4497936) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1903 for x64-based Systems (KB4497936) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows Server 2012 for x64-based Systems (KB4499158) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB4499165) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 8.1 for x64-based Systems (KB4499165) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 8.1 for x86-based Systems (KB4499165) | Windows |
| 2019-07 Security Only Quality Update for Windows 7 for x86-based Systems (KB4507456) | Windows |
| 2019-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4507456) | Windows |
| 2019-07 Security Only Quality Update for Windows 7 for x64-based Systems (KB4507456) | Windows |
| 2019-07 Security Only Quality Update for Windows 8.1 for x64-based Systems (KB4507457) | Windows |
| 2019-07 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4507457) | Windows |
| 2019-07 Security Only Quality Update for Windows 8.1 for x86-based Systems (KB4507457) | Windows |
| 2019-07 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4507461) | Windows |
| 2019-07 Security Only Quality Update for Windows Server 2008 for x86-based Systems (KB4507461) | Windows |
| 2019-07 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB4507464) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4507455) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4507455) | Windows |
| 2019-07 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4507449) | Windows |
| 2019-07 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4507449) | Windows |
| 2019-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4507449) | Windows |
| 2019-07 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4507460) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4507460) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4507460) | Windows |
| 2019-07 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems (KB4507448) | Windows |
| 2019-07 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB4507448) | Windows |
| 2019-07 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4507448) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1703 for x86-based Systems (KB4507450) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4507450) | Windows |
| 2019-07 Cumulative Update for Windows Server 2019 for x64-based Systems (KB4507469) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB4507469) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4507469) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB4507458) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB4507458) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4507435) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4507435) | Windows |
| 2019-07 Cumulative Update for Windows Server 2016 (1803) for x64-based Systems (KB4507435) | Windows |
| 2019-07 Cumulative Update for Windows Server, version 1903 for x64-based Systems (KB4507453) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1903 for x86-based Systems (KB4507453) | Windows |
| 2019-07 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4507453) | Windows |
| 2019-07 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4507452) | Windows |
| 2019-07 Security Monthly Quality Rollup for Windows Server 2008 for x86-based Systems (KB4507452) | Windows |
| 2019-07 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4507462) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4507450) (CVE-2019-0880) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4507450) (CVE-2019-0880) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4507450) (CVE-2019-0880) | Windows |
| Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4507450) (CVE-2019-0880) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-26287 | 2019-03 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4489876) |
| PATCH-26288 | 2019-03 Security Only Quality Update for Windows Server 2008 for x86-based Systems (KB4489876) |
| PATCH-26310 | 2019-03 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4489880) |
| PATCH-26311 | 2019-03 Security Monthly Quality Rollup for Windows Server 2008 for x86-based Systems (KB4489880) |
| PATCH-26289 | 2019-03 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4489885) |
| PATCH-26290 | 2019-03 Security Only Quality Update for Windows 7 for x86-based Systems (KB4489885) |
| PATCH-26291 | 2019-03 Security Only Quality Update for Windows 7 for x64-based Systems (KB4489885) |
| PATCH-26312 | 2019-03 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4489878) |
| PATCH-26313 | 2019-03 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4489878) |
| PATCH-26314 | 2019-03 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4489878) |
| PATCH-26668 | 2019-05 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4499151) |
| PATCH-26669 | 2019-05 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB4499151) |
| PATCH-26670 | 2019-05 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems (KB4499151) |
| PATCH-26684 | 2019-05 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4499179) |
| PATCH-26685 | 2019-05 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4499179) |
| PATCH-26686 | 2019-05 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4499167) |
| PATCH-26697 | 2019-05 Cumulative Update for Windows Server 2016 (1803) for x64-based Systems (KB4499167) |
| PATCH-26698 | 2019-05 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4499167) |
| PATCH-26655 | 2019-05 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4499175)(CVE-2019-0708) |
| PATCH-26656 | 2019-05 Security Only Quality Update for Windows 7 for x86-based Systems (KB4499175)(CVE-2019-0708) |
| PATCH-26657 | 2019-05 Security Only Quality Update for Windows 7 for x64-based Systems (KB4499175)(CVE-2019-0708) |
| PATCH-26674 | 2019-05 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4499164)(CVE-2019-0708) |
| PATCH-26675 | 2019-05 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4499164)(CVE-2019-0708) |
| PATCH-26676 | 2019-05 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4499164)(CVE-2019-0708) |
| PATCH-26677 | 2019-05 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4494440) |
| PATCH-26678 | 2019-05 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4494440) |
| PATCH-26679 | 2019-05 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4494440) |
| PATCH-26699 | 2019-05 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB4494441) |
| PATCH-26700 | 2019-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4494441) |
| PATCH-26701 | 2019-05 Cumulative Update for Windows Server 2019 for x64-based Systems (KB4494441) |
| PATCH-26680 | 2019-05 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB4499154) |
| PATCH-26681 | 2019-05 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB4499154) |
| PATCH-26671 | 2019-05 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4499171) |
| PATCH-26703 | 2019-05 Cumulative Update for Windows 10 Version 1903 for x86-based Systems (KB4497936) |
| PATCH-26704 | 2019-05 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4497936) |
| PATCH-26652 | 2019-05 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB4499158) |
| PATCH-26649 | 2019-05 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4499165) |
| PATCH-26650 | 2019-05 Security Only Quality Update for Windows 8.1 for x64-based Systems (KB4499165) |
| PATCH-26651 | 2019-05 Security Only Quality Update for Windows 8.1 for x86-based Systems (KB4499165) |
| PATCH-26955 | 2019-07 Security Only Quality Update for Windows 7 for x86-based Systems (KB4507456) (CVE-2019-1132) |
| PATCH-26956 | 2019-07 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4507456) (CVE-2019-1132) |
| PATCH-26957 | 2019-07 Security Only Quality Update for Windows 7 for x64-based Systems (KB4507456) (CVE-2019-1132) |
| PATCH-26958 | 2019-07 Security Only Quality Update for Windows 8.1 for x64-based Systems (KB4507457) (CVE-2019-0880) |
| PATCH-26959 | 2019-07 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4507457) (CVE-2019-0880) |
| PATCH-26960 | 2019-07 Security Only Quality Update for Windows 8.1 for x86-based Systems (KB4507457) (CVE-2019-0880) |
| PATCH-26962 | 2019-07 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB4507461) (CVE-2019-1132) |
| PATCH-26963 | 2019-07 Security Only Quality Update for Windows Server 2008 for x86-based Systems (KB4507461) (CVE-2019-1132) |
| PATCH-26961 | 2019-07 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB4507464) (CVE-2019-0880) |
| PATCH-26990 | 2019-07 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4507455) (CVE-2019-0880) |
| PATCH-26991 | 2019-07 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4507455) (CVE-2019-0880) |
| PATCH-26974 | 2019-07 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4507449) (CVE-2019-1132) |
| PATCH-26975 | 2019-07 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4507449) (CVE-2019-1132) |
| PATCH-26976 | 2019-07 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4507449) (CVE-2019-1132) |
| PATCH-26983 | 2019-07 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4507460) (CVE-2019-0880) |
| PATCH-26984 | 2019-07 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4507460) (CVE-2019-0880) |
| PATCH-26985 | 2019-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4507460) (CVE-2019-0880) |
| PATCH-26977 | 2019-07 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems (KB4507448) (CVE-2019-0880) |
| PATCH-26978 | 2019-07 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB4507448) (CVE-2019-0880) |
| PATCH-26979 | 2019-07 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4507448) (CVE-2019-0880) |
| PATCH-26995 | 2019-07 Cumulative Update for Windows Server 2019 for x64-based Systems (KB4507469) (CVE-2019-0880) |
| PATCH-26996 | 2019-07 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB4507469) (CVE-2019-0880) |
| PATCH-26997 | 2019-07 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4507469) (CVE-2019-0880) |
| PATCH-26986 | 2019-07 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB4507458) (CVE-2019-0880) |
| PATCH-26987 | 2019-07 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB4507458) (CVE-2019-0880) |
| PATCH-26992 | 2019-07 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4507435) (CVE-2019-0880) |
| PATCH-26993 | 2019-07 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4507435) (CVE-2019-0880) |
| PATCH-26994 | 2019-07 Cumulative Update for Windows Server 2016 (1803) for x64-based Systems (KB4507435) (CVE-2019-0880) |
| PATCH-26998 | 2019-07 Cumulative Update for Windows Server, version 1903 for x64-based Systems (KB4507453) (CVE-2019-0880) |
| PATCH-26999 | 2019-07 Cumulative Update for Windows 10 Version 1903 for x86-based Systems (KB4507453) (CVE-2019-0880) |
| PATCH-27000 | 2019-07 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4507453) (CVE-2019-0880) |
| PATCH-26981 | 2019-07 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB4507452) (CVE-2019-1132) |
| PATCH-26982 | 2019-07 Security Monthly Quality Rollup for Windows Server 2008 for x86-based Systems (KB4507452) (CVE-2019-1132) |
| PATCH-26980 | 2019-07 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB4507462) (CVE-2019-0880) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234