CNNVD-202507-1066 Information
CNNVD ID
CNNVD-202507-1066
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
Microsoft Windows Kerberos是美国微软(Microsoft)公司的一个用于在网络集群中进行身份验证的软件。Kerberos 同时作为一种网络认证协议,其设计目标是通过密钥系统为客户机/服务器应用程序提供强大的认证服务。 Microsoft Windows Kerberos存在缓冲区错误漏洞。攻击者利用该漏洞导致系统拒绝服务。以下产品和版本受到影响:Windows Server 2022,Windows Server 2022 (Server Core installation),Windows Server 2025 (Server Core installation),Windows Server 2022, 23H2 Edition (Server Core installation),Windows Server 2025。
Description (English)
Microsoft Windows Kerberos is a software used by Microsoft USA for authentication in network clusters. Kerberos is also serving as a web authentication protocol designed to provide a robust authentication service for client/server applications through a key system. Microsoft Windows Kerberos has an error hole in the buffer zone. The attackers used the loophole to cause the system to refuse services. The following products and versions have been affected: Windows Server 2022, Windows Server 2022 (Server Control integration), Windows Server 2025 (Server Corporation), Windows Server 2022, 23H2 Evaluation (Server Corporation), Windows Server 2025.
Hazard Level
High
Vulnerability Type
缓冲区错误
Affected Vendor
微软
Published
2025-07-08
Last Modified
2026-02-24
References
https://nvd.nist.gov/vuln/detail/CVE-2025-47978
Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47978
Share on: