CVE-2024-21343

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 13, 2024

Updated: May 29, 2024

CWE ID 125

Summary

CVE-2024-21377 is a newly disclosed vulnerability affecting Windows DNS servers. This information disclosure issue allows attackers to obtain sensitive information by manipulating specific DNS requests. An unauthenticated attacker can potentially gain knowledge about the existence and configuration of various internal systems, increasing the risk of further exploitation. Microsoft has released a security advisory and patch to mitigate this vulnerability, urging administrators to apply the update promptly to safeguard their networks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ugcldo
https://www.cve.org/CVERecord?id=CVE-2024-21343
https://nvd.nist.gov/vuln/detail/CVE-2024-21343

Back to Vulnerability Database

CVE-2024-21343

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations