cnvd - cnvd-2020-40878

CNVD-2020-40878

Vulnerability from cnvd - Published: 2020-07-20

Title

Microsoft Windows iSCSI Target Service权限提升漏洞

Description

Windows Server是微软发布的一系列服务器操作系统的品牌名，它包括所有以“Windows Server”为品牌发布的Windows操作系统。 Microsoft Windows iSCSI Target Service存在权限提升漏洞，该漏洞源于Windows iSCSI Target服务未能正确处理文件操作，攻击者可通过运行特制应用程序利用该漏洞提升权限。

Severity

中

Patch Name

Microsoft Windows iSCSI Target Service权限提升漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1356

Reference

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1356

Impacted products

Name
['Microsoft Windows Windows Server 2012', 'Microsoft Windows Server 2012 R2', 'Microsoft Windows Server 2016', 'Microsoft Windows Server 2019', 'Microsoft Microsoft Windows Server 1903', 'Microsoft Microsoft Windows Server 1909', 'Microsoft Windows Server 2004']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-1356",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-1356"
    }
  },
  "description": "Windows Server\u662f\u5fae\u8f6f\u53d1\u5e03\u7684\u4e00\u7cfb\u5217\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u7684\u54c1\u724c\u540d\uff0c\u5b83\u5305\u62ec\u6240\u6709\u4ee5\u201cWindows Server\u201d\u4e3a\u54c1\u724c\u53d1\u5e03\u7684Windows\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nMicrosoft Windows iSCSI Target Service\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eWindows iSCSI Target\u670d\u52a1\u672a\u80fd\u6b63\u786e\u5904\u7406\u6587\u4ef6\u64cd\u4f5c\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8fd0\u884c\u7279\u5236\u5e94\u7528\u7a0b\u5e8f\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1356",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-40878",
  "openTime": "2020-07-20",
  "patchDescription": "Windows Server\u662f\u5fae\u8f6f\u53d1\u5e03\u7684\u4e00\u7cfb\u5217\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u7684\u54c1\u724c\u540d\uff0c\u5b83\u5305\u62ec\u6240\u6709\u4ee5\u201cWindows Server\u201d\u4e3a\u54c1\u724c\u53d1\u5e03\u7684Windows\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nMicrosoft Windows iSCSI Target Service\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eWindows iSCSI Target\u670d\u52a1\u672a\u80fd\u6b63\u786e\u5904\u7406\u6587\u4ef6\u64cd\u4f5c\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8fd0\u884c\u7279\u5236\u5e94\u7528\u7a0b\u5e8f\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Windows iSCSI Target Service\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Windows Windows Server 2012",
      "Microsoft Windows Server 2012 R2",
      "Microsoft Windows Server 2016",
      "Microsoft Windows Server 2019",
      "Microsoft Microsoft Windows Server 1903",
      "Microsoft Microsoft Windows Server 1909",
      "Microsoft Windows Server 2004"
    ]
  },
  "referenceLink": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1356",
  "serverity": "\u4e2d",
  "submitTime": "2020-07-17",
  "title": "Microsoft Windows iSCSI Target Service\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

CVE-2020-1356 (GCVE-0-2020-1356)

Vulnerability from cvelistv5 – Published: 2020-07-14 22:54 – Updated: 2024-08-04 06:32

Summary

An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations, aka 'Windows iSCSI Target Service Elevation of Privilege Vulnerability'.

Severity ?

No CVSS data available.

CWE

Elevation of Privilege

Assigner

microsoft

References

URL

Tags

https://portal.msrc.microsoft.com/en-US/security-…

x_refsource_MISC

Impacted products

Vendor

Product

Version

Microsoft

Windows Server, version 2004 (Server Core installation)

Affected: unspecified

Microsoft	Windows Server	Affected: 2019 Affected: 2019 (Core installation) Affected: 2016 Affected: 2016 (Core installation) Affected: 2012 Affected: 2012 (Core installation) Affected: 2012 R2 Affected: 2012 R2 (Core installation)
Microsoft	Windows Server, version 1909 (Server Core installation)	Affected: unspecified
Microsoft	Windows Server, version 1903 (Server Core installation)	Affected: unspecified

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:32:01.242Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1356"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Windows Server, version 2004 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Windows Server",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "2019"
            },
            {
              "status": "affected",
              "version": "2019  (Core installation)"
            },
            {
              "status": "affected",
              "version": "2016"
            },
            {
              "status": "affected",
              "version": "2016  (Core installation)"
            },
            {
              "status": "affected",
              "version": "2012"
            },
            {
              "status": "affected",
              "version": "2012 (Core installation)"
            },
            {
              "status": "affected",
              "version": "2012 R2"
            },
            {
              "status": "affected",
              "version": "2012 R2 (Core installation)"
            }
          ]
        },
        {
          "product": "Windows Server, version 1909 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Windows Server, version 1903 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations, aka \u0027Windows iSCSI Target Service Elevation of Privilege Vulnerability\u0027."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-14T22:54:09",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1356"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2020-1356",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Windows Server, version 2004 (Server Core installation)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2019"
                          },
                          {
                            "version_value": "2019  (Core installation)"
                          },
                          {
                            "version_value": "2016"
                          },
                          {
                            "version_value": "2016  (Core installation)"
                          },
                          {
                            "version_value": "2012"
                          },
                          {
                            "version_value": "2012 (Core installation)"
                          },
                          {
                            "version_value": "2012 R2"
                          },
                          {
                            "version_value": "2012 R2 (Core installation)"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows Server, version 1909 (Server Core installation)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows Server, version 1903 (Server Core installation)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Microsoft"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations, aka \u0027Windows iSCSI Target Service Elevation of Privilege Vulnerability\u0027."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Elevation of Privilege"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1356",
              "refsource": "MISC",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1356"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-1356",
    "datePublished": "2020-07-14T22:54:09",
    "dateReserved": "2019-11-04T00:00:00",
    "dateUpdated": "2024-08-04T06:32:01.242Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-40878

CVE-2020-1356 (GCVE-0-2020-1356)

Tags

Sightings

Nomenclature