Windows NTLM Elevation of Privilege Vulnerability
A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Windows_10 | Microsoft | - (including) | - (including) |
| Windows_10 | Microsoft | 20h2 (including) | 20h2 (including) |
| Windows_10 | Microsoft | 21h1 (including) | 21h1 (including) |
| Windows_10 | Microsoft | 1607 (including) | 1607 (including) |
| Windows_10 | Microsoft | 1809 (including) | 1809 (including) |
| Windows_10 | Microsoft | 1909 (including) | 1909 (including) |
| Windows_10 | Microsoft | 2004 (including) | 2004 (including) |
| Windows_7 | Microsoft | –sp1 (including) | –sp1 (including) |
| Windows_8.1 | Microsoft | - (including) | - (including) |
| Windows_rt_8.1 | Microsoft | - (including) | - (including) |
| Windows_server_2008 | Microsoft | r2-sp1 (including) | r2-sp1 (including) |
| Windows_server_2008 | Microsoft | sp2 (including) | sp2 (including) |
| Windows_server_2012 | Microsoft | - (including) | - (including) |
| Windows_server_2012 | Microsoft | r2 (including) | r2 (including) |
| Windows_server_2016 | Microsoft | - (including) | - (including) |
| Windows_server_2016 | Microsoft | 20h2 (including) | 20h2 (including) |
| Windows_server_2016 | Microsoft | 1909 (including) | 1909 (including) |
| Windows_server_2016 | Microsoft | 2004 (including) | 2004 (including) |
| Windows_server_2019 | Microsoft | - (including) | - (including) |