Vulnerability Name:

CVE-2020-17049 (CCN-190721)

Assigned:2020-11-10
Published:2020-11-10
Updated:2022-08-29
Summary:Kerberos Security Feature Bypass Vulnerability
CVSS v3 Severity:7.2 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
6.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
6.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)
6.1 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.0 High (CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.1 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-863
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2020-17049

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20211110 Fwd: Samba 4.15.2, 4.14.10, 4.13.14 Security Releases are available for Download

Source: CCN
Type: NetSPI Blog, December 8th, 2020
CVE-2020-17049: Kerberos Bronze Bit Attack – Overview

Source: XF
Type: UNKNOWN
ms-windows-cve202017049-sec-bypass(190721)

Source: CCN
Type: Impacket GIT Repository
Adding CVE-2020-17049 exploit

Source: CCN
Type: Microsoft Security TechCenter - November 2020
Kerberos Security Feature Bypass Vulnerability

Source: MISC
Type: Patch, Vendor Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_1903:-:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_1909:-:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2004:-:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_20h2:-:*:*:*:*:*:x64:*

    • Configuration 2:
  • cpe:/a:samba:samba:*:*:*:*:*:*:*:* (Version >= 4.15.0 and < 4.15.1)
  • OR cpe:/a:samba:samba:*:*:*:*:*:*:*:* (Version >= 4.14.0 and < 4.14.9)
  • OR cpe:/a:samba:samba:*:*:*:*:*:*:*:* (Version >= 4.1.0 and < 4.13.13)

    • Configuration CCN 1:
  • cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8.1:-:-:-:*:-:-:x32:*
  • OR cpe:/o:microsoft:windows_8.1:::~~~~x64~:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:-:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_10:::~~~~x64~:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:-:*:*:*:*:*:arm64:*
  • OR cpe:/o:microsoft:windows_server:1903:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server:1909:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server:2004:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server:20h2:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:7661
    P
    		libsamba-errors-devel-4.13.13+git.539.fdbc44a8598-3.20.2 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7662
    P
    		libsamba-policy-devel-4.17.7+git.330.4057cd7a27a-150500.1.2 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:3071
    P
    		ft2demos-2.6.3-7.15.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3072
    P
    		fuse-2.9.3-6.3.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94702
    P
    		libsamba-policy-devel-4.15.5+git.328.f1f29505d84-150400.1.44 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94701
    P
    		libsamba-errors-devel-4.13.13+git.539.fdbc44a8598-3.20.2 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:112126
    P
    		ctdb-4.15.2+git.193.a4d6307f1fd-1.1 on GA media (Moderate)
    2022-01-17
    BACK
    microsoft windows server 2012 r2
    microsoft windows server 2016 -
    microsoft windows server 2012 *
    microsoft windows server 2019 -
    microsoft windows server 2016 1903
    microsoft windows server 2016 1909
    microsoft windows server 2016 2004
    microsoft windows server 2016 20h2
    samba samba *
    samba samba *
    samba samba *
    microsoft windows server 2012
    microsoft windows 8.1 - -
    microsoft windows 8.1
    microsoft windows server 2012 r2
    microsoft windows rt 8.1 -
    microsoft windows 10 -
    microsoft windows 10
    microsoft windows server 2016
    microsoft windows server 2019
    microsoft windows 10 -
    microsoft windows server 1903
    microsoft windows server 1909
    microsoft windows server 2004
    microsoft windows server 20h2