216.73.217.80

CVE-2021-36942

· Published 03/11/2021 01:00 · Modified 21/12/2025 18:00 · Author: Cybersecurity and Infrastructure Security Agency

Labels: CVE-2021-36942

Essential information

Published
03/11/2021 01:00
Modified
21/12/2025 18:00
Author
Cybersecurity and Infrastructure Security Agency
Creator
Cybersecurity and Infrastructure Security Agency
CISA KEV
Yes
CWE

Description

Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.

NVD status

NVD
View on NVD