cbcvebase.
CVE-2020-17049
published 2020-11-11

CVE-2020-17049: A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos…

PriorityP351high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EPSS
13.79%
96.0th percentile
A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD.

Affected

29 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_server_2008_r2_service_pack_1>= 6.0.0 < 6.1.7601.256616.1.7601.25661
microsoftwindows_server_2008_r2_service_pack_1>= 6.1.0 < 6.1.7601.256616.1.7601.25661
microsoftwindows_server_2008_service_pack_2>= 6.0.0 < 6.0.6003.211676.0.6003.21167
microsoftwindows_server_2012
microsoftwindows_server_2012>= 6.2.0 < 6.2.9200.234096.2.9200.23409
microsoftwindows_server_2012_r2>= 6.3.0 < 6.3.9600.200696.3.9600.20069
microsoftwindows_server_2016
microsoftwindows_server_2016
microsoftwindows_server_2016
microsoftwindows_server_2016
microsoftwindows_server_2016>= 10.0.0 < 10.0.14393.453010.0.14393.4530
microsoftwindows_server_2019>= 10.0.0 < 10.0.17763.206110.0.17763.2061
microsoftwindows_server_version_2004>= 10.0.0 < 10.0.19041.111010.0.19041.1110
microsoftwindows_server_version_20h2>= 10.0.0 < 10.0.19041.111010.0.19041.1110
msrcwindows_server_2008_for_32-bit_systems_service_pack_2
msrcwindows_server_2008_for_x64-based_systems_service_pack_2
msrcwindows_server_2008_r2_for_x64-based_systems_service_pack_1
msrcwindows_server_2012
msrcwindows_server_2012_r2
msrcwindows_server_2016
msrcwindows_server_2019
msrcwindows_server_version_1903
msrcwindows_server_version_1909
msrcwindows_server_version_2004
msrcwindows_server_version_20h2

CVSS provenance

nvdv3.17.2HIGHCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
vendor_msrc6.6MEDIUM
vendor_redhat6.6MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.