The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of SCCM

computer vulnerability announcement CVE-2015-0012

Microsoft System Center: privilege escalation via VMM User Role

Synthesis of the vulnerability

An attacker can use Microsoft System Center VMM to escalate his privileges.
Impacted products: SCCM, SCOM.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 10/02/2015.
Identifiers: 3035898, CERTFR-2015-AVI-068, CVE-2015-0012, MS15-017, VIGILANCE-VUL-16167.

Description of the vulnerability

The Microsoft System Center Virtual Machine Manager product defines user roles.

However, VMM does not correctly validate these roles.

An attacker can therefore use Microsoft System Center VMM to escalate his privileges.

computer vulnerability bulletin CVE-2014-2779

Microsoft Malware Protection Engine: denial of service

Synthesis of the vulnerability

An attacker can send a malicious file to the Microsoft Malware Protection Engine, in order to trigger a denial of service.
Impacted products: Forefront Security for Exchange Server, Forefront Threat Management Gateway, Forefront Unified Access Gateway, SCCM, SCOM, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista, Windows XP.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: document.
Creation date: 18/06/2014.
Identifiers: 2974294, CVE-2014-2779, VIGILANCE-VUL-14908.

Description of the vulnerability

The Microsoft Malware Protection Engine analyzes files searching for malware.

However, a malicious file can lock this engine.

An attacker can therefore send a malicious file to the Microsoft Malware Protection Engine, in order to trigger a denial of service.

vulnerability announcement CVE-2012-2536

Microsoft System Center Configuration Manager, SMS: Cross Site Scripting

Synthesis of the vulnerability

An attacker can generate a Cross Site Scripting in Microsoft System Center Configuration Manager (and Microsoft Systems Management Server), in order to execute JavaScript code in the context of the web site.
Impacted products: SCCM, Microsoft SMS.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 11/09/2012.
Identifiers: 2741528, BID-55430, CERTA-2012-AVI-495, CVE-2012-2536, MS12-062, VIGILANCE-VUL-11932.

Description of the vulnerability

Microsoft System Center Configuration Manager and Microsoft Systems Management Server offer a web service.

However, these web sites do not filter their parameters before displaying them in generated HTML pages.

An attacker can therefore generate a Cross Site Scripting in Microsoft System Center Configuration Manager (and Microsoft Systems Management Server), in order to execute JavaScript code in the context of the web site.