CVE-2022-21871 Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability.

CVE-2022-21871 Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability.

An attacker can spoof the DNS server and get an attacker to connect to the target system and obtain data or perform other actions as the administrator. This issue can be exploited when a user views data from a Microsoft Diagnostics Hub Standard Collector. An attacker can spoof the DNS server and get an attacker to connect to the target system and obtain data or perform other actions as the administrator. This issue can be exploited when a user views data from a Microsoft Diagnostics Hub Standard Collector. Microsoft received information that indicates that a group or an individual might have active monitoring systems that collect network traffic from a monitored device. The monitoring system may be set up to collect information from one or more of the following devices: Windows 10, Windows 8.1, Windows 7, Windows Server 2003, Windows Server 2008, Windows Server 2012, and Windows Server 2008 R2. This issue is only applicable to Windows 10, Windows 8.1, and Windows 7 systems. If users view data from a Microsoft Diagnostics Hub Standard Collector, an attacker can spoof the DNS server and get an attacker to connect to the target system and obtain data or perform other actions as the administrator. Microsoft received information that indicates that a group or an individual might have active monitoring systems that collect network traffic from a monitored device

Microsoft Graph Vulnerability

An attacker can spoof the DNS server and get an attacker to connect to the target system and obtain data or perform other actions as the administrator. This issue can be exploited when a user views data from a Microsoft Diagnostics Hub Standard Collector. An attacker can spoof the DNS server and get an attacker to connect to the target system and obtain data or perform other actions as the administrator. This issue can be exploited when a user views data from a Microsoft Diagnostics Hub Standard Collector. Microsoft received information that indicates that a group or an individual might have active monitoring systems that collect network traffic from a monitored device. The monitoring system may be set up to collect information from one or more of the following devices: Windows 10, Windows 8.1, Windows 7, Windows Server 2003, Windows Server 2008, Windows Server 2012, and Windows Server 2008 R2. This issue is only applicable to Windows 10, Windows 8.1, and Windows 7 systems

Microsoft Graph API

An attacker can spoof the DNS server and get an attacker to connect to a target system. This issue can be exploited when a user views data from a Microsoft Diagnostics Hub Standard Collector.
If users view data from a Microsoft Diagnostics Hub Standard Collector, an attacker can spoof the DNS server and get an attacker to connect to the target system and obtain data or perform other actions as administrator.
Microsoft received information that indicates that a group or an individual might have active monitoring systems that collect network traffic from a monitored device. The monitoring system may be set up to collect information from one or more of the following devices: Windows 10, Windows 8.1, Windows 7, Windows Server 2003, Windows Server 2008, Windows Server 2012, and Windows Server 2008 R2

Microsoft Windows DNS Spoofing Vulnerability

The Microsoft Windows DNS Spoofing Vulnerability is an issue that may potentially exist in the Microsoft Diagnostics Hub Standard Collector. An attacker can spoof the DNS server and get an attacker to connect to the target system and obtain data or perform other actions as the administrator. This issue can be exploited when a user views data from a Microsoft Diagnostics Hub Standard Collector.

Microsoft received information that indicates that a group or an individual might have active monitoring systems that collect network traffic from a monitored device. The monitoring system may be set up to collect information from one or more of the following devices: Windows 10, Windows 8.1, Windows 7, Windows Server 2003, Windows Server 2008, Windows Server 2012, and Windows Server 2008 R2. This issue is only applicable to Windows 10, Windows 8.1, and Windows 7 systems

Microsoft Diagnostics Hub Standard Collector

A Microsoft Diagnostics Hub Standard Collector (MSHDHC) is a computer that collects network traffic from a monitored device in order to provide insight on the health of the device. The MSHDHC monitors utilization, diagnostic data, and performance metrics that are specific to the device. The MSHDHC can also provide insights into other devices on the same network such as printers, routers, switches, or storage devices. These devices can be configured to allow an administrator to view their status and metrics using the MSHDHC.
An attacker can spoof the DNS server and get an attacker to connect to the target system and obtain data or perform other actions as the administrator. This issue can be exploited when a user views data from a Microsoft Diagnostics Hub Standard Collector

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe