PrintNightmare Vulnerability (CVE-2021-1675)
CVE-2021-1675(akaPrintNightmare) is a vulnerability in the built-in Windows “Print Spooler” service. Microsoft released a patch for CVE-2021-1675as
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
1 min read
Cyrus Robinson : Oct 22, 2021 12:00:00 AM
These vulnerabilities are currently being exploited in the wild. As of October 21st, there are nearly 48,000 web-exposed servers with these vulnerabilities.
Apache HTTP Server version 2.4.49 and 2.4.50.
These vulnerabilities are currently being exploited in the wild. As of October 21st, there are nearly 48,000 web-exposed servers with these vulnerabilities.
CVE-2021-41773: “High” severity with a CVSS 3.0 rating of 7.5.
CVE-2021-42013: “Critical” severity with a CVSS 3.0 rating of 9.8.
Path traversal attacks involve sending requests to access backend or sensitive server directories that should be out of reach. Normally, these requests are blocked, but in this case, the filters are bypassed by using encoded characters. The vulnerabilities have been fixed in the most recent version of Apache (2.4.51).
Apache has provided an update to address these issues (version 2.4.51).
Organizations that currently use Apache HTTP Server Version 2.4.49 or 2.4.50 should upgrade to version 2.4.51 as soon as possible.
CVE-2021-1675(akaPrintNightmare) is a vulnerability in the built-in Windows “Print Spooler” service. Microsoft released a patch for CVE-2021-1675as
Apache Log4j2 <=2.14.1 JNDI features used in the configuration, log messages, and parameters do not protect against attacker-controlled LDAP and...
Microsoft has completed the investigation and has released security updates to address this vulnerability. It is recommended that these updates be...