N/A

Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator (that is configured within the product in its installation state) by generating a single Kerberos Pre-Authentication Failed (ID 4771) event on a Domain Controller.

N/A

N/A

Netwrix Account Lockout Examiner 安全漏洞

Netwrix Account Lockout Examiner是美国netwrix（Netwrix）公司的一款域用户管理软件。可用于对局域网内用户进行管理。 Netwrix Account Lockout Examiner 5.1之前版本存在安全漏洞，该漏洞源于Netwrix帐户锁定检查器。攻击者可利用该漏洞通过在域控制器上生成一个Kerberos预认证失败(ID 4771)事件来捕获域管理员的Net-NTLMv1/v2身份验证挑战哈希(在产品安装状态下配置)。

N/A

N/A