CVE-2021-41366: Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability
First published: Wed Nov 10 2021(Updated: )
Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| =20h2 | ||
| =21h1 | ||
| =1607 | ||
| =1809 | ||
| =1909 | ||
| =2004 | ||
| =r2 | ||
| =20h2 | ||
| =2004 | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =20h2 | |
| Microsoft Windows 10 | =21h1 | |
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1909 | |
| Microsoft Windows 10 | =2004 | |
| Microsoft Windows 11 | ||
| Microsoft Windows 11 | ||
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT 8.1 | ||
| Microsoft Windows Server 2012 | ||
| Microsoft Windows Server 2012 | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =20h2 | |
| Microsoft Windows Server 2016 | =2004 | |
| Microsoft Windows Server 2019 | ||
| Microsoft Windows Server 2022 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2021-41366?
The severity of CVE-2021-41366 is high with a CVSS score of 7.8.
Which software is affected by CVE-2021-41366?
Microsoft Windows 10, Microsoft Windows 11, Microsoft Windows 8.1, Microsoft Windows RT 8.1, Microsoft Windows Server 2012, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022.
How can I fix CVE-2021-41366?
Apply the security update provided by Microsoft as mentioned in the advisory: [CVE-2021-41366](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41366).
What is the Common Weakness Enumeration (CWE) ID for CVE-2021-41366?
The Common Weakness Enumeration (CWE) ID for CVE-2021-41366 is 269.
- agent/type
- agent/first-publish-date
- agent/author
- agent/softwarecombine
- agent/remedy
- agent/weakness
- agent/title
- agent/references
- agent/severity
- agent/event
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- vendor/microsoft
- canonical/microsoft windows 10
- version/microsoft windows 10/20h2
- version/microsoft windows 10/21h1
- version/microsoft windows 10/1607
- version/microsoft windows 10/1809
- version/microsoft windows 10/1909
- version/microsoft windows 10/2004
- canonical/microsoft windows 11
- canonical/microsoft windows 8.1
- canonical/microsoft windows rt 8.1
- canonical/microsoft windows server 2012
- version/microsoft windows server 2012/r2
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/20h2
- version/microsoft windows server 2016/2004
- canonical/microsoft windows server 2019
- canonical/microsoft windows server 2022