cvelistv5 - cve-2021-31166

CVE-2021-31166 (GCVE-0-2021-31166)

Vulnerability from cvelistv5

Published

2021-05-11 19:11

Modified

2025-10-21 23:25

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE

Remote Code Execution

Summary

HTTP Protocol Stack Remote Code Execution Vulnerability

References

URL

Tags

secure@microsoft.com	http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
secure@microsoft.com	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166	Patch, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166	US Government Resource

Impacted products

Vendor

Product

Version

Microsoft

Windows 10 Version 2004

Version: 10.0.0 < 10.0.19041.982
cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.982:*:*:*:*:*:x64:*

Microsoft	Windows Server version 2004	Version: 10.0.0 < 10.0.19041.982 cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.982:::::::*
Microsoft	Windows 10 Version 20H2	Version: 10.0.0 < 10.0.19042.982 cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982::::::x86: cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982::::::arm64:
Microsoft	Windows Server version 20H2	Version: 10.0.0 < 10.0.19042.982 cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.982:::::::*

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2022-04-06

Due date: 2022-04-27

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-31166

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:55:52.129Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-31166",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T14:36:57.411562Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-04-06",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:25:45.988Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-04-06T00:00:00+00:00",
            "value": "CVE-2021-31166 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.982:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.982:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.982:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.982",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-05-11T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "HTTP Protocol Stack Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-28T23:56:49.266Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
        }
      ],
      "title": "HTTP Protocol Stack Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-31166",
    "datePublished": "2021-05-11T19:11:19.000Z",
    "dateReserved": "2021-04-14T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:25:45.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2021-31166",
      "cwes": "[\"CWE-416\"]",
      "dateAdded": "2022-04-06",
      "dueDate": "2022-04-27",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2021-31166",
      "product": "HTTP Protocol Stack",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-31166\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2021-05-11T19:15:09.300\",\"lastModified\":\"2025-10-30T19:55:18.167\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"HTTP Protocol Stack Remote Code Execution Vulnerability\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota de HTTP Protocol Stack\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-04-06\",\"cisaActionDue\":\"2022-04-27\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19041.982\",\"matchCriteriaId\":\"F170C517-0312-457D-9108-ECA6638C8223\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19042.982\",\"matchCriteriaId\":\"957F366C-FD59-479A-A6C5-F93E35436549\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19041.982\",\"matchCriteriaId\":\"BD0A39ED-F4B4-4C2D-BDB4-088426F2377B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19042.982\",\"matchCriteriaId\":\"F42A77A0-2B44-4C08-8BBB-851B22AED6E8\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"title\": \"HTTP Protocol Stack Remote Code Execution Vulnerability\", \"datePublic\": \"2021-05-11T07:00:00.000Z\", \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 2004\", \"cpes\": [\"cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.982:*:*:*:*:*:x64:*\"], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.0\", \"lessThan\": \"10.0.19041.982\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server version 2004\", \"cpes\": [\"cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.982:*:*:*:*:*:*:*\"], \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.0\", \"lessThan\": \"10.0.19041.982\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 20H2\", \"cpes\": [\"cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:x86:*\", \"cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:arm64:*\"], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\"], \"versions\": [{\"version\": \"10.0.0\", \"lessThan\": \"10.0.19042.982\", \"versionType\": \"custom\", \"status\": \"affected\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server version 20H2\", \"cpes\": [\"cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.982:*:*:*:*:*:*:*\"], \"platforms\": [\"x64-based Systems\"], \"versions\": [{\"version\": \"10.0.0\", \"lessThan\": \"10.0.19042.982\", \"versionType\": \"custom\", \"status\": \"affected\"}]}], \"descriptions\": [{\"value\": \"HTTP Protocol Stack Remote Code Execution Vulnerability\", \"lang\": \"en-US\"}], \"problemTypes\": [{\"descriptions\": [{\"description\": \"Remote Code Execution\", \"lang\": \"en-US\", \"type\": \"Impact\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2023-12-28T23:56:49.266Z\"}, \"references\": [{\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html\"}], \"metrics\": [{\"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}], \"cvssV3_1\": {\"version\": \"3.1\", \"baseSeverity\": \"CRITICAL\", \"baseScore\": 9.8, \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}}]}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T22:55:52.129Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html\"}]}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-31166\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T14:36:57.411562Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-04-06\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T14:37:11.441Z\"}, \"timeline\": [{\"time\": \"2022-04-06T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2021-31166 added to CISA KEV\"}], \"title\": \"CISA ADP Vulnrichment\"}]}",
      "cveMetadata": "{\"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"assignerShortName\": \"microsoft\", \"cveId\": \"CVE-2021-31166\", \"datePublished\": \"2021-05-11T19:11:19.000Z\", \"dateReserved\": \"2021-04-14T00:00:00.000Z\", \"dateUpdated\": \"2025-10-21T19:46:44.125Z\", \"state\": \"PUBLISHED\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2021-AVI-367

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer une élévation de privilèges, une exécution de code à distance, une atteinte à la confidentialité des données, une usurpation d'identité, un déni de service et un contournement de la fonctionnalité de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2012
Microsoft	Windows	Windows 10 Version 2004 pour systèmes 32 bits
Microsoft	Windows	Windows 10 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1909 pour ARM64-based Systems
Microsoft	Windows	Windows 10 Version 1809 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1909 pour systèmes x64
Microsoft	Windows	Windows Server 2019 (Server Core installation)
Microsoft	Windows	Windows Server, version 2004 (Server Core installation)
Microsoft	Windows	Windows Server 2019
Microsoft	Windows	Windows Server 2012 R2
Microsoft	Windows	Windows 10 Version 1803 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1607 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1803 pour systèmes x64
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2
Microsoft	Windows	Windows 10 Version 1809 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 20H2 pour systèmes x64
Microsoft	Windows	Windows Server 2016 (Server Core installation)
Microsoft	Windows	Windows RT 8.1
Microsoft	Windows	Windows 7 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows 10 Version 1809 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 2004 pour ARM64-based Systems
Microsoft	Windows	Windows 10 Version 1909 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 20H2 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1607 pour systèmes x64
Microsoft	Windows	Windows Server 2012 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1803 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows Server, version 1909 (Server Core installation)
Microsoft	Windows	Windows 10 Version 2004 pour systèmes x64
Microsoft	Windows	Windows 8.1 pour systèmes x64
Microsoft	Windows	Windows Server 2016
Microsoft	Windows	Windows 8.1 pour systèmes 32 bits
Microsoft	Windows	Windows Server, version 20H2 (Server Core Installation)
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation)
Microsoft	Windows	Windows 10 Version 20H2 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2012 R2 (Server Core installation)
Microsoft	Windows	Windows 10 pour systèmes 32 bits
Microsoft	Windows	Windows 7 pour systèmes 32 bits Service Pack 1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 11 mai 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 2004 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 2004 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 2004 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 1909 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 2004 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 20H2 (Server Core Installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 20H2 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes 32 bits Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-31167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31167"
    },
    {
      "name": "CVE-2021-31192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31192"
    },
    {
      "name": "CVE-2021-31188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31188"
    },
    {
      "name": "CVE-2020-24587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
    },
    {
      "name": "CVE-2021-31186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31186"
    },
    {
      "name": "CVE-2021-31168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31168"
    },
    {
      "name": "CVE-2021-31190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31190"
    },
    {
      "name": "CVE-2021-31165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31165"
    },
    {
      "name": "CVE-2021-31208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31208"
    },
    {
      "name": "CVE-2021-31182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31182"
    },
    {
      "name": "CVE-2021-28455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28455"
    },
    {
      "name": "CVE-2021-31194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31194"
    },
    {
      "name": "CVE-2021-31191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31191"
    },
    {
      "name": "CVE-2021-31187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31187"
    },
    {
      "name": "CVE-2020-24588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
    },
    {
      "name": "CVE-2021-31166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31166"
    },
    {
      "name": "CVE-2020-26144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26144"
    },
    {
      "name": "CVE-2021-31170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31170"
    },
    {
      "name": "CVE-2021-31185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31185"
    },
    {
      "name": "CVE-2021-31184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31184"
    },
    {
      "name": "CVE-2021-28476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28476"
    },
    {
      "name": "CVE-2021-31193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31193"
    },
    {
      "name": "CVE-2021-28479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28479"
    },
    {
      "name": "CVE-2021-31169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31169"
    },
    {
      "name": "CVE-2021-31205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31205"
    }
  ],
  "initial_release_date": "2021-05-12T00:00:00",
  "last_revision_date": "2021-05-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2021-AVI-367",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-05-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Usurpation d\u0027identit\u00e9"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une ex\u00e9cution de code \u00e0\ndistance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une usurpation\nd\u0027identit\u00e9, un d\u00e9ni de service et un contournement de la fonctionnalit\u00e9\nde s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 11 mai 2021",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

CERTFR-2021-AVI-622

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Schneider Electric	N/A	Modicon et PLC Simulator (suivre la procédure de contournement décrite dans le bulletin SEVD-2021-222-04)
Schneider Electric	N/A	Pro-face GP-Pro EX versions antérieures à V4.09.300
Schneider Electric	N/A	Vijeo Designer versions antérieures à V6.2 SP11
Schneider Electric	N/A	EcoStruxure Process Expert toutes versions (inclus HDCS) et SCADAPack RemoteConnect pour x70 (suivre la procédure de contournement décrite dans le bulletin SEVD-2021-222-02)
Schneider Electric	N/A	AccuSine PCS+ / PFV+ versions antérieures à V1.6.7
Schneider Electric	N/A	Vijeo Designer Basic versions antérieures à V1.2
Schneider Electric	N/A	EcoStruxure Control Expert versions antérieures à V15.0 SP1 (suivre la procédure de remédiation décrite dans le bulletin SEVD-2021-222-02)
Schneider Electric	N/A	AccuSine PCSn versions antérieures à V2.2.4
Schneider Electric	N/A	EcoStruxure Machine Expert versions antérieures à V2.0
Schneider Electric	N/A	SHAIIS-MT-111, SHASU-MT-107, SHFK-MT et SHFK-MT-104 sans le dernier correctif pour Windows
Schneider Electric	N/A	Programmable Automation Controller (PacDrive) M versions antérieures à 3 (suivre la procédure de contournement décrite dans le bulletin SEVD-2021-222-06)

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider Electric SEVD-2021-222-08 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-07 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-03 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-01 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-05 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-04 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-02 du 10 août 2021	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2021-222-06 du 10 août 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Modicon et PLC Simulator (suivre la proc\u00e9dure de contournement d\u00e9crite dans le bulletin SEVD-2021-222-04)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Pro-face GP-Pro EX versions ant\u00e9rieures \u00e0 V4.09.300",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Vijeo Designer versions ant\u00e9rieures \u00e0 V6.2 SP11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "EcoStruxure Process Expert toutes versions (inclus HDCS) et SCADAPack RemoteConnect pour x70 (suivre la proc\u00e9dure de contournement d\u00e9crite dans le bulletin SEVD-2021-222-02)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "AccuSine PCS+ / PFV+ versions ant\u00e9rieures \u00e0 V1.6.7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Vijeo Designer Basic versions ant\u00e9rieures \u00e0 V1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "EcoStruxure Control Expert versions ant\u00e9rieures \u00e0 V15.0 SP1 (suivre la proc\u00e9dure de rem\u00e9diation d\u00e9crite dans le bulletin SEVD-2021-222-02)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "AccuSine PCSn versions ant\u00e9rieures \u00e0 V2.2.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "EcoStruxure Machine Expert versions ant\u00e9rieures \u00e0 V2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "SHAIIS-MT-111, SHASU-MT-107, SHFK-MT et SHFK-MT-104 sans le dernier correctif pour Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Programmable Automation Controller (PacDrive) M versions ant\u00e9rieures \u00e0 3 (suivre la proc\u00e9dure de contournement d\u00e9crite dans le bulletin SEVD-2021-222-06)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-21814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21814"
    },
    {
      "name": "CVE-2021-34527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34527"
    },
    {
      "name": "CVE-2021-22791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22791"
    },
    {
      "name": "CVE-2021-21830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21830"
    },
    {
      "name": "CVE-2021-21828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21828"
    },
    {
      "name": "CVE-2021-21810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21810"
    },
    {
      "name": "CVE-2021-21813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21813"
    },
    {
      "name": "CVE-2021-22790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22790"
    },
    {
      "name": "CVE-2021-21825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21825"
    },
    {
      "name": "CVE-2021-21829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21829"
    },
    {
      "name": "CVE-2021-31166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31166"
    },
    {
      "name": "CVE-2021-1675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-1675"
    },
    {
      "name": "CVE-2021-21826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21826"
    },
    {
      "name": "CVE-2021-21812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21812"
    },
    {
      "name": "CVE-2021-30186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30186"
    },
    {
      "name": "CVE-2021-21827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21827"
    },
    {
      "name": "CVE-2021-30188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30188"
    },
    {
      "name": "CVE-2021-22789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22789"
    },
    {
      "name": "CVE-2021-21815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21815"
    },
    {
      "name": "CVE-2021-22792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22792"
    },
    {
      "name": "CVE-2021-22793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22793"
    },
    {
      "name": "CVE-2021-22704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22704"
    },
    {
      "name": "CVE-2021-30195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30195"
    },
    {
      "name": "CVE-2021-21811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21811"
    },
    {
      "name": "CVE-2021-22775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22775"
    }
  ],
  "initial_release_date": "2021-08-12T00:00:00",
  "last_revision_date": "2021-08-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2021-AVI-622",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-08-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une\nex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-08 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-08"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-07 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-03 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-03"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-01 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-01"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-05 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-04 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-02 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-02"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-06 du 10 ao\u00fbt 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
    }
  ]
}

gsd-2021-31166

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

HTTP Protocol Stack Remote Code Execution Vulnerability

Aliases

CVE-2021-31166

Aliases

CVE-2021-31166

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-31166",
    "description": "HTTP Protocol Stack Remote Code Execution Vulnerability",
    "id": "GSD-2021-31166",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2021-31166"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-31166"
      ],
      "details": "HTTP Protocol Stack Remote Code Execution Vulnerability",
      "id": "GSD-2021-31166",
      "modified": "2023-12-13T01:23:13.556374Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2021-31166",
      "dateAdded": "2022-04-06",
      "dueDate": "2022-04-27",
      "product": "HTTP Protocol Stack",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2021-31166",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Windows 10 Version 2004",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "10.0.0",
                          "version_value": "10.0.19041.982"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows Server version 2004",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "10.0.0",
                          "version_value": "10.0.19041.982"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows 10 Version 20H2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "10.0.0",
                          "version_value": "10.0.19042.982"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows Server version 20H2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "10.0.0",
                          "version_value": "10.0.19042.982"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Microsoft"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "HTTP Protocol Stack Remote Code Execution Vulnerability"
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote Code Execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166",
            "refsource": "MISC",
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
          },
          {
            "name": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2021-31166"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "HTTP Protocol Stack Remote Code Execution Vulnerability"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
            },
            {
              "name": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-08-02T00:15Z",
      "publishedDate": "2021-05-11T19:15Z"
    }
  }
}

var-202105-1269

Vulnerability from variot

HTTP Protocol Stack Remote Code Execution Vulnerability. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202105-1269",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "windows server 2004",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "10.0.19041.982"
      },
      {
        "model": "windows server 20h2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "10.0.19042.982"
      },
      {
        "model": "windows 10 20h2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "10.0.19042.982"
      },
      {
        "model": "windows 10 2004",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "10.0.19041.982"
      },
      {
        "model": "microsoft windows server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": "20h2 (server core installation)"
      },
      {
        "model": "microsoft windows 10",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": null
      },
      {
        "model": "microsoft windows server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": "2004 (server core installation)"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001508"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31166"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31166"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "0vercl0k",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-588"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-31166",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2021-31166",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-31166",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-31166",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "secure@microsoft.com",
            "id": "CVE-2021-31166",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202105-588",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-31166",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-31166"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001508"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-588"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31166"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31166"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "HTTP Protocol Stack Remote Code Execution Vulnerability. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31166"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001508"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-31166"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-31166",
        "trust": 2.5
      },
      {
        "db": "PACKETSTORM",
        "id": "162722",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001508",
        "trust": 0.8
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021051132",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-588",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-31166",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-31166"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001508"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-588"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31166"
      }
    ]
  },
  "id": "VAR-202105-1269",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 1.0
  },
  "last_update_date": "2024-07-10T19:48:14.806000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HTTP\u00a0Protocol\u00a0Stack\u00a0Remote\u00a0Code\u00a0Execution\u00a0Vulnerability Security Update Guide",
        "trust": 0.8,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-31166"
      },
      {
        "title": "Microsoft HTTP.sys Fixes for code injection vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=150832"
      },
      {
        "title": "CVE-2021-31166",
        "trust": 0.1,
        "url": "https://github.com/an0ny-m0us/cve-2021-31166 "
      },
      {
        "title": "CVE-2021-31166",
        "trust": 0.1,
        "url": "https://github.com/corelight/cve-2021-31166 "
      },
      {
        "title": "oldnews",
        "trust": 0.1,
        "url": "https://github.com/pathcl/oldnews "
      },
      {
        "title": "awesome-stars",
        "trust": 0.1,
        "url": "https://github.com/lumakernel/awesome-stars "
      },
      {
        "title": "CVE-2021-31166-detection-rules",
        "trust": 0.1,
        "url": "https://github.com/frankmock/cve-2021-31166-detection-rules "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/liang2kl/iot-exploits "
      },
      {
        "title": "CVE-2021-31166",
        "trust": 0.1,
        "url": "https://github.com/c4dr01d/cve-2021-31166 "
      },
      {
        "title": "WIn-CVE-2021-31166",
        "trust": 0.1,
        "url": "https://github.com/bgsilvait/win-cve-2021-31166 "
      },
      {
        "title": "CVE-2021-31166",
        "trust": 0.1,
        "url": "https://github.com/udyz/cve-2021-31166 "
      },
      {
        "title": "CVE-2021-31166",
        "trust": 0.1,
        "url": "https://github.com/zecopro/cve-2021-31166 "
      },
      {
        "title": "curated-article",
        "trust": 0.1,
        "url": "https://github.com/dravenww/curated-article "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-31166"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001508"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-588"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-416",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001508"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31166"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "http://packetstormsecurity.com/files/162722/microsoft-http-protocol-stack-remote-code-execution.html"
      },
      {
        "trust": 1.6,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-31166"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-31166"
      },
      {
        "trust": 0.8,
        "url": "https://www.ipa.go.jp/security/ciadr/vul/20210512-ms.html"
      },
      {
        "trust": 0.8,
        "url": "https://www.jpcert.or.jp/at/2021/at210024.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/windows-vulnerabilities-of-may-2021-35384"
      },
      {
        "trust": 0.6,
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2021-31166"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021051132"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001508"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-588"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31166"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2021-31166"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001508"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-588"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31166"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-05-11T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-31166"
      },
      {
        "date": "2021-05-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-001508"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-05-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-588"
      },
      {
        "date": "2021-05-11T19:15:09.300000",
        "db": "NVD",
        "id": "CVE-2021-31166"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-08-02T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-31166"
      },
      {
        "date": "2021-05-26T07:24:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-001508"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-05-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-588"
      },
      {
        "date": "2024-07-09T18:28:03.397000",
        "db": "NVD",
        "id": "CVE-2021-31166"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-588"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Microsoft\u00a0Windows\u00a010\u00a0 and \u00a0Windows\u00a0Server\u00a0 Remote Code Execution Vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001508"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  }
}

cnvd-2021-35510

Vulnerability from cnvd

Title

Microsoft HTTP.sys远程代码执行漏洞

Description

Microsoft HTTP.sys是美国微软（Microsoft）公司的一个应用协议。HTTP应用协议。 Microsoft HTTP.sys存在远程代码执行漏洞。目前没有详细漏洞细节提供。

Severity

高

Patch Name

Microsoft HTTP.sys远程代码执行漏洞的补丁

Patch Description

Microsoft HTTP.sys是美国微软（Microsoft）公司的一个应用协议。HTTP应用协议。 Microsoft HTTP.sys存在远程代码执行漏洞。目前没有详细漏洞细节提供。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-31166

Impacted products

Name
['Microsoft Windows Server 2004', 'Microsoft Windows 10 2004', 'Microsoft Windows 10 20H2', 'Microsoft Windows Server 20H2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-31166"
    }
  },
  "description": "Microsoft HTTP.sys\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u5e94\u7528\u534f\u8bae\u3002HTTP\u5e94\u7528\u534f\u8bae\u3002\n\nMicrosoft HTTP.sys\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-35510",
  "openTime": "2021-05-19",
  "patchDescription": "Microsoft HTTP.sys\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u5e94\u7528\u534f\u8bae\u3002HTTP\u5e94\u7528\u534f\u8bae\u3002\r\n\r\nMicrosoft HTTP.sys\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft HTTP.sys\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Windows Server 2004",
      "Microsoft Windows 10 2004",
      "Microsoft Windows 10 20H2",
      "Microsoft Windows Server 20H2"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-31166",
  "serverity": "\u9ad8",
  "submitTime": "2021-05-14",
  "title": "Microsoft HTTP.sys\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

fkie_cve-2021-31166

Vulnerability from fkie_nvd

Published

2021-05-11 19:15

Modified

2025-10-30 19:55

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

HTTP Protocol Stack Remote Code Execution Vulnerability

References

URL	Tags
secure@microsoft.com	http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
secure@microsoft.com	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166	Patch, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166	US Government Resource

Impacted products

Vendor	Product	Version
microsoft	windows_10_2004	*
microsoft	windows_10_20h2	*
microsoft	windows_server_2004	*
microsoft	windows_server_20h2	*

JSON

To clipboard

{
  "cisaActionDue": "2022-04-27",
  "cisaExploitAdd": "2022-04-06",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F170C517-0312-457D-9108-ECA6638C8223",
              "versionEndExcluding": "10.0.19041.982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "957F366C-FD59-479A-A6C5-F93E35436549",
              "versionEndExcluding": "10.0.19042.982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD0A39ED-F4B4-4C2D-BDB4-088426F2377B",
              "versionEndExcluding": "10.0.19041.982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F42A77A0-2B44-4C08-8BBB-851B22AED6E8",
              "versionEndExcluding": "10.0.19042.982",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "HTTP Protocol Stack Remote Code Execution Vulnerability"
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota de HTTP Protocol Stack"
    }
  ],
  "id": "CVE-2021-31166",
  "lastModified": "2025-10-30T19:55:18.167",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "secure@microsoft.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Secondary"
      }
    ]
  },
  "published": "2021-05-11T19:15:09.300",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

ghsa-3mj9-c62w-jw5w

Vulnerability from github

Published

2022-05-24 19:02

Modified

2025-10-22 00:32

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

HTTP Protocol Stack Remote Code Execution Vulnerability

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-31166"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-11T19:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "HTTP Protocol Stack Remote Code Execution Vulnerability",
  "id": "GHSA-3mj9-c62w-jw5w",
  "modified": "2025-10-22T00:32:13Z",
  "published": "2022-05-24T19:02:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31166"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31166"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31166"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/162722/Microsoft-HTTP-Protocol-Stack-Remote-Code-Execution.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2021-ALE-009

Vulnerability from certfr_alerte

[version du 21 mai 2021]

Le CERT-FR a connaissance de l'existence de codes d'attaques publics provoquant un déni de service sur l'équipement ciblé. Il est fortement recommandé de mettre à jour les postes de travail et les serveurs installés avec les versions du système d'exploitation affectées par cette vulnérabilité.

[version initiale]

Le système d'exploitation Microsoft Windows propose un service de gestion des requêtes HTTP sous la forme d'un pilote en mode noyau appelé http.sys. Une vulnérabilité a été découverte dans ce pilote pour Windows Server et Windows 10. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et l'éditeur considère qu'elle peut être exploitée dans le cadre d'attaques à propagation de type "ver informatique".

Le pilote http.sys est notamment utilisé par Microsoft IIS, le service Windows Remote Management (WinRM) ainsi que le service SSDP. Il est donc présent sur les serveurs mais également sur les postes de travail. Par conséquent, le CERT-FR recommande de considérer que l'ensemble des machines utilisant une version de Windows affectée est vulnérable.

La vulnérabilité a été découverte par l'éditeur, cependant la probabilité que des codes d'attaques soient mis au point rapidement est très élevée.

Solution

Le CERT-FR recommande de procéder sans délai à la mise à jour des systèmes d'exploitation affectés en commençant par les machines exposées sur des réseaux non sécurisés.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows 10 version 20H2
Microsoft	Windows	Windows Server version 2004
Microsoft	Windows	Windows Server version 20H2
Microsoft	Windows	Windows 10 version 2004

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2021-31166 du 11 mai 2021	None	vendor-advisory
Avis de sécurité CERT-FR CERTFR-2021-AVI-367 du 12 mai 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows 10 version 20H2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server version 2004",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server version 20H2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 version 2004",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2021-06-10",
  "content": "## Solution\n\n**Le CERT-FR recommande de proc\u00e9der sans d\u00e9lai \u00e0 la mise \u00e0 jour des\nsyst\u00e8mes d\u0027exploitation affect\u00e9s en commen\u00e7ant par les machines expos\u00e9es\nsur des r\u00e9seaux non s\u00e9curis\u00e9s.**\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-31166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31166"
    }
  ],
  "initial_release_date": "2021-05-12T00:00:00",
  "last_revision_date": "2021-06-10T00:00:00",
  "links": [],
  "reference": "CERTFR-2021-ALE-009",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-05-12T00:00:00.000000"
    },
    {
      "description": "Des codes d\u0027attaques sont d\u00e9sormais publics.",
      "revision_date": "2021-05-21T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2021-06-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "\u003cstrong\u003e\\[version du 21 mai 2021\\]\u003c/strong\u003e\n\nLe CERT-FR a connaissance de l\u0027existence de codes d\u0027attaques publics\nprovoquant un d\u00e9ni de service sur l\u0027\u00e9quipement cibl\u00e9. Il est fortement\nrecommand\u00e9 de mettre \u00e0 jour les postes de travail et les serveurs\ninstall\u00e9s avec les versions du syst\u00e8me d\u0027exploitation affect\u00e9es par\ncette vuln\u00e9rabilit\u00e9.\n\n\u003cstrong\u003e\\[version initiale\\]\u003c/strong\u003e\n\nLe syst\u00e8me d\u0027exploitation Microsoft Windows propose un service de\ngestion des requ\u00eates HTTP sous la forme d\u0027un pilote en mode noyau appel\u00e9\nhttp.sys. Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans ce pilote pour Windows\nServer et Windows 10. Elle permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance et l\u0027\u00e9diteur consid\u00e8re qu\u0027elle\npeut \u00eatre exploit\u00e9e dans le cadre d\u0027attaques \u00e0 propagation de type \"ver\ninformatique\".\n\nLe pilote http.sys est notamment utilis\u00e9 par Microsoft IIS, le service\nWindows Remote Management (WinRM) ainsi que le service SSDP. Il est donc\npr\u00e9sent sur les serveurs mais \u00e9galement sur les postes de travail. Par\ncons\u00e9quent, le CERT-FR recommande de consid\u00e9rer que l\u0027ensemble des\nmachines utilisant une version de Windows affect\u00e9e est vuln\u00e9rable.\n\nLa vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte par l\u0027\u00e9diteur, cependant la\nprobabilit\u00e9 que des codes d\u0027attaques soient mis au point rapidement est\ntr\u00e8s \u00e9lev\u00e9e.\n",
  "title": "[M\u00e0J] Vuln\u00e9rabilit\u00e9 dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-31166 du 11 mai 2021",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31166"
    },
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 CERT-FR CERTFR-2021-AVI-367 du 12 mai 2021",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2021-AVI-367/"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2021-31166 (GCVE-0-2021-31166)

Vulnerability from cvelistv5

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Vulnerability from certfr_avis

Solution

Vulnerability from certfr_avis

Solution

Vulnerability from gsd

Vulnerability from variot

Vulnerability from cnvd

Vulnerability from fkie_nvd

Vulnerability from github

Vulnerability from certfr_alerte

Solution

Tags

Sightings

Nomenclature