Check: 2012-B-0122
Windows 2012 IAVM:
2012-B-0122
(in version v1 r30)
Title
Microsoft Windows IP-HTTPS Server Security Bypass Vulnerability (Cat I impact)
Discussion
Microsoft has released a security bulletin addressing a vulnerability in the Windows IP-HTTPS component. To exploit this vulnerability. an attacker would need to present a revoked certificate issued from the target domain to an IP-HTTPS Microsoft DirectAccess server in that domain. If successfully exploited, an attacker would be able to bypass certificate validation checks and compromise the system.
Check Content
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-35489
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |