COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Active Directory product

3
failure events
0
zero-days
0
RCEs
3
on KEV
2
critical
80
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 3 events

DateEventSevFlagsShameSummary
2022-04-11 CVE-2021-42278 critical ⌖KEV 80 Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.
2022-04-11 CVE-2021-42287 critical ⌖KEV 80 Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.
2022-08-18 CVE-2022-26923 high ⌖KEV 50 An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.