CVE Vulnerabilities

CVE-2024-20674

Authentication Bypass by Spoofing

Published: Jan 09, 2024 | Modified: Jan 14, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Windows Kerberos Security Feature Bypass Vulnerability

Weakness

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Affected Software

Name Vendor Start Version End Version
Windows_10_1507 Microsoft * *
Windows_10_1507 Microsoft * *
Windows_10_1607 Microsoft * *
Windows_10_1607 Microsoft * *
Windows_10_1809 Microsoft * *
Windows_10_1809 Microsoft * *
Windows_10_1809 Microsoft * *
Windows_10_21h2 Microsoft * *
Windows_10_21h2 Microsoft * *
Windows_10_21h2 Microsoft * *
Windows_10_22h2 Microsoft * *
Windows_10_22h2 Microsoft * *
Windows_10_22h2 Microsoft * *
Windows_11_21h2 Microsoft * *
Windows_11_21h2 Microsoft * *
Windows_11_22h2 Microsoft * *
Windows_11_22h2 Microsoft * *
Windows_11_23h2 Microsoft * *
Windows_11_23h2 Microsoft * *
Windows_server_2008 Microsoft - -
Windows_server_2008 Microsoft - -
Windows_server_2012 Microsoft - -
Windows_server_2012 Microsoft r2 r2
Windows_server_2016 Microsoft - -
Windows_server_2019 Microsoft - -
Windows_server_2022 Microsoft - -

References