CVE-2021-31167 – Windows Container Manager Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31167
Windows Container Manager Service Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios del servicio de Windows Container Manager. Este ID de CVE es diferente de CVE-2021-31165, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208 The Container Manager Service does not configure STORVSP correctly when opening mapped named pipes leading to privilege escalation. • http://packetstormsecurity.com/files/162559/Windows-Container-Manager-Service-CmsRpcSrv_MapNamedPipeToContainer-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31167 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2021-31165 – Windows Container Manager Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31165
Windows Container Manager Service Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios del servicio de Windows Container Manager Este ID de CVE es diferente de CVE-2021-31167, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208 The Container Manager Service accepts an access token provided by the user without verification allowing an arbitrary process to be created with another user identity leading to privilege escalation. • http://packetstormsecurity.com/files/162555/Windows-Container-Manager-Service-CmsRpcSrv_CreateContainer-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31165 • CWE-863: Incorrect Authorization •
CVE-2021-28479 – Windows CSC Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-28479
Windows CSC Service Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Windows CSC Service • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28479 •
CVE-2021-28476 – Windows Hyper-V Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28476
Windows Hyper-V Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Hyper-V • https://github.com/0vercl0k/CVE-2021-28476 https://github.com/bluefrostsecurity/CVE-2021-28476 https://github.com/LaCeeKa/CVE-2021-28476-tools-env https://github.com/australeo/CVE-2021-28476 http://packetstormsecurity.com/files/163497/Microsoft-Hyper-V-vmswitch.sys-Proof-Of-Concept.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28476 •
CVE-2021-28455 – Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28455
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft Jet Red Database Engine y Access Connectivity Engine • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28455 •