HTTP: Microsoft Windows CVE-2019-1074 Elevation of Privilege
This signature detects attempts to exploit a known vulnerability against Microsoft Windows. A successful attack can lead to elevation of privilege.
Extended Description
An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vulnerability by not allowing symbolic links in these scenarios., aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1082.
Affected Products
Microsoft windows_server_2019
References
CVE: CVE-2019-1074
Short Name
HTTP:STC:DL:CVE-2019-1074-PE
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2019-1074 Elevation Microsoft Privilege Windows of
Release Date
07/09/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Microsoft
CVSS Score
2.1