Remove Authentication Remove Azure Remove DevOps Remove LAN
article thumbnail

Microsoft’s February 2024 Patch Tuesday Addresses 73 CVEs (CVE-2024-21351, CVE-2024-21412)

Tenable

Successful exploitation of this flaw would allow an attacker to relay a New Technology LAN Manager Version 2 (NTLMv2) hash against a vulnerable server. In order to exploit this flaw, an attacker would need to be authenticated with LAN-access and have a valid login for an Exchange user.

LAN 125
article thumbnail

Microsoft’s September 2023 Patch Tuesday Addresses 61 CVEs (CVE-2023-36761)

Tenable

Successful exploitation of this flaw would allow for the disclosure of New Technology LAN Manager (NTLM) hashes. Successful exploitation of these vulnerabilities requires an attacker to authenticate with LAN-access and have valid credentials for an Exchange user. Each of these vulnerabilities were given CVSSv3 scores of 8.0

LAN 120
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

article thumbnail

Microsoft’s October 2023 Patch Tuesday Addresses 103 CVEs (CVE-2023-36563, CVE-2023-41763)

Tenable

Successful exploitation could lead to the disclosure of New Technology LAN Manager (NTLM) hashes. To combat this, we recommend reviewing the suggestions from this Cybersecurty and Infrastructure Security Agency (CISA) blog post and the Tenable whitepaper, Password, Authentication and Web Best Practices. and is rated as important.

Windows 115
article thumbnail

Microsoft’s August 2023 Patch Tuesday Addresses 73 CVEs (CVE-2023-38180)

Tenable

According to the advisories, exploitation of these vulnerabilities would allow an authenticated attacker to execute code using a PowerShell remoting session. In order to successfully exploit this flaw, the attacker would first need to have LAN access and valid credentials for an Exchange user. These were omitted from our totals.

Windows 98