Nov 2021: Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2021-42278 Published on November 10, 2021
Active Directory Domain Services Elevation of Privilege Vulnerability
Active Directory Domain Services Elevation of Privilege Vulnerability
Known Exploited Vulnerability
This Microsoft Active Directory Domain Services Privilege Escalation Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Microsoft Active Directory Domain Services contains an unspecified vulnerability which allows for privilege escalation.
The following remediation steps are recommended / required by May 2, 2022: Apply updates per vendor instructions.
Products Associated with CVE-2021-42278
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft Windows Server 2019:- Version 10.0.0 and below 10.0.17763.2300 is affected.
- Version 10.0.0 and below 10.0.17763.2300 is affected.
- Version 10.0.0 and below 10.0.20348.350 is affected.
- Version 10.0.0 and below 10.0.19041.1348 is affected.
- Version 10.0.0 and below 10.0.19042.1348 is affected.
- Version 10.0.0 and below 10.0.14393.4770 is affected.
- Version 10.0.0 and below 10.0.14393.4770 is affected.
- Version 6.0.0 and below 6.0.6003.21282 is affected.
- Version 6.0.0 and below 6.0.6003.21282 is affected.
- Version 6.0.0 and below 6.0.6003.21282 is affected.
- Version 6.1.0 and below 6.1.7601.25769 is affected.
- Version 6.0.0 and below 6.1.7601.25769 is affected.
- Version 6.2.0 and below 6.2.9200.23517 is affected.
- Version 6.2.0 and below 6.2.9200.23517 is affected.
- Version 6.3.0 and below 6.3.9600.20174 is affected.
- Version 6.3.0 and below 6.3.9600.20174 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.