mirror of https://github.com/qwqdanchun/Goby.git
47 lines
2.6 KiB
JSON
47 lines
2.6 KiB
JSON
{
|
||
"Name": "CVE-2019-0708 BlueKeep Microsoft Remote Desktop RCE",
|
||
"Description": "A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.",
|
||
"Product": "rdp",
|
||
"Homepage": "http://www.ntfa.cn/product-70-cn.html",
|
||
"DisclosureDate": "2019-05-14",
|
||
"Author": "LubyRuffy",
|
||
"FofaQuery": "protocol=\"rdp\"",
|
||
"GobyQuery": "",
|
||
"Level": "3",
|
||
"Impact": "An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system",
|
||
"Recommendation": "Download patch from: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708",
|
||
"References": [
|
||
"https://github.com/zerosum0x0/CVE-2019-0708/",
|
||
"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708",
|
||
"http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html",
|
||
"http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html",
|
||
"http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html",
|
||
"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en",
|
||
"http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en",
|
||
"https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf",
|
||
"https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf",
|
||
"https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf",
|
||
"https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf",
|
||
"https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf",
|
||
"https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf",
|
||
"https://nvd.nist.gov/vuln/detail/CVE-2019-0708",
|
||
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0708"
|
||
],
|
||
"HasExp": false,
|
||
"ExpParams": null,
|
||
"ExpTips": {
|
||
"Type": "",
|
||
"Content": ""
|
||
},
|
||
"ScanSteps": null,
|
||
"Tags": [
|
||
"rce"
|
||
],
|
||
"AttackSurfaces": {
|
||
"Service": ["rdp"]
|
||
},
|
||
"CVEIDs": [
|
||
"CVE-2019-0708"
|
||
],
|
||
"CVSSScore": "9.8"
|
||
} |