WEB Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability -2 (CVE-2022-21907)

Rule ID

1230493

Severity

Medium

Description

An uninitialized memory usage issue has been identified in HTTP.sys. This vulnerability can be exploited to achieve unauthenticated RCE on ISS enabled servers.

Impact

Remote code execution

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Allow

References

CVE-2022-21907

Keywords

Windows 10, Windows 11, Windows Server, Windows Server 2019

Date Created

2022/01/19

Last Updated

2022/01/19

This website uses cookies to ensure you get the best experience on our website.

Learn more