CVE-2024-49121

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 12, 2024
CWE ID 476

Summary

CVE-2024-49121 represents a newly disclosed Denial of Service (DoS) vulnerability affecting Windows Lightweight Directory Access Protocol (LDAP) servers. Maliciously crafted LDAP packets can trigger an issue, causing the server to crash or become unresponsive, leading to a potential DoS condition. This vulnerability poses a threat to organizations utilizing Windows LDAP servers, necessitating immediate attention and appropriate mitigations. Microsoft has acknowledged the issue and is working on a patch to address it. In the meantime, administrators are advised to implement temporary workarounds to minimize the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows 11
  • Microsoft Windows Server 2008
  • Microsoft Windows
  • Microsoft Windows Server

Affected Vendors

  • Microsoft