CVE-2022-21889 Windows IKE Extension Denial of Service Vulnerability

CVE-2022-21889 Windows IKE Extension Denial of Service Vulnerability

These vulnerabilities have been assigned critical severity ratings by RedTeam Pentesting. In order to exploit this vulnerability, a remote attacker must send a malformed SIP INVITE message to the targeted system. An attacker can leverage this vulnerability to launch a denial of service attack against the targeted system.

RedTeam Pentesting discovered this vulnerability while performing analysis of VoIP systems. We discovered that in many VoIP systems, the Windows IKE extension is disabled by default. This makes it possible for an attacker to leverage this vulnerability by sending a SIP INVITE message to the targeted system. An attacker can leverage this vulnerability to launch a denial of service attack against the targeted system.

Mitigation

To mitigate this vulnerability, you should make sure that Windows IKE extension is enabled on your system. For instructions on how to enable this feature, follow the instructions provided here. In addition, if you are using SIP protocol in your VoIP system, make sure that Windows IKE Extension is enabled. Finally, make sure that SIP protocol is enabled on your system.

Windows IKE Extension

The Windows IKE Extension is a service that allows you to create and manage IPsec policies on your system. If this service is disabled on your system, it will not allow the creation of IPsec policies. This makes it possible for an attacker to leverage this vulnerability by sending a SIP INVITE message to the targeted system.

Microsoft Office and Outlook Web Apps – CVE-2023-21890

These vulnerabilities have been assigned critical severity ratings by RedTeam Pentesting. In order to exploit these vulnerabilities, an attacker must steal a cookie from the targeted system. An attacker can leverage this vulnerability to launch a denial of service attack against the targeted system.

RedTeam Pentesting discovered these vulnerabilities while performing analysis of Microsoft Office and Outlook Web Apps. We discovered that in both Microsoft Office and Outlook Web Apps, a stored cross-site scripting vulnerability exists in the URL handling mechanism which makes it possible for an attacker to leverage this vulnerability to launch a denial of service attack against the targeted system.

Mitigation

To mitigate this vulnerability, you should make sure that your web server is properly configured to prevent cross-site scripting attacks.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe