CVE-2021-26887Link Following in Microsoft Windows Server 2012

CWE-59Link FollowingCWE-269Improper Privilege Management4 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.5%
top 35.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
20
Microsoft Windows Server 2012Microsoft Windows 10 Version 1507Microsoft Windows 10 Version 1607+17 more
Timeline
PublishedMar 11
Latest updateMay 24

Description

An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When folder redirection file server is co-located with Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting another user's personal data to a created folder. To exploit the vulnerability, an attacker can create a new folder under the Folder Redirection root path and create a junction on a newly created User folder.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages20 packages

CVEListV5microsoft/windows_server_20126.2.0publication

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-xphp-jrmh-9rjj: Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability2022-05-24
CVEList
Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability2021-03-11

📋Vendor Advisories

1
Microsoft
Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability2021-03-09
CVE-2021-26887 — Link Following in Microsoft | cvebase