CVE-2021-36942
Essential information
- Published
- 03/11/2021 01:00
- Modified
- 21/12/2025 18:00
- Author
- Cybersecurity and Infrastructure Security Agency
- Creator
- Cybersecurity and Infrastructure Security Agency
- CISA KEV
- Yes
- CWE
- —
- CVSS vector
- — — —
Description
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.
NVD status
- NVD
- View on NVD