Exposures › CVE-2014-1812
CVE-2014-1812
Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⌖ exploited in the wild
shame 80/100
ransomwareexploited-in-wild
Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use t
Players implicated
Description
Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain.
Affected FedRAMP products 4 in the catalog
| Product | Provider | Status | Match |
|---|---|---|---|
| Azure Commercial Cloud | Microsoft | Authorized | vendor-exact · 0.90 |
| Azure Government (includes Dynamics 365) | Microsoft | Authorized | vendor-exact · 0.90 |
| Microsoft Office 365 GCC High | Microsoft | In Process | vendor-exact · 0.90 |
| Office 365 Multi-Tenant & Supporting Services | Microsoft | Authorized | vendor-exact · 0.90 |