CVE-2021-36942

⚠ KEVEPSS 93.7%

Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability

Added to CISA KEV: 11/3/2021

Description

Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.

Affected packages (0)

No package mapping in OSV.