Tenable Research Release Highlights

Forum Discussion

Anonymous's avatar
Anonymous
5 years ago

Plugin 138600 - Windows DNS Server RCE (CVE-2020-1350)...

Plugin 138600 - Windows DNS Server RCE (CVE-2020-1350) reporting criteria update

Plugin

138600 - Windows DNS Server RCE (CVE-2020-1350)

44871    - WMI Windows Feature Enumeration

Change

The logic of plugin 138600 has been modified to validate that the DNS Server Feature is available on the scanned host prior to reporting. Vulnerability will be reported if the patch is missing, host has the DNS Server Feature installed and the mitigation recommended by Microsoft is missing.

Plugin 44871 WMI Windows Feature Enumeration reports all existing Features for a Windows Server through WMI.

Impact

Customers should expect plugin 138600 to trigger only on affected Windows Server Versions that have the DNS Server Feature installed.

Target Release Date

21 July 2020

CVE
Microsoft
Plugins
Tenable Nessus
Tenable Research

6 Replies

  • Anonymous's avatar
    Anonymous
    5 years ago

    Hi Team,

    I can still see non-DNS servers are also showing as vulnerable. i am not sure it is checking DNS services are installed or not. Could you please confirm me

    • mhuang1's avatar
      mhuang1
      Connect Rookie
      5 years ago

      I am having the same issue. Tenable still flag non-DNS servers, I check plugin 44871, I dont find DNS service showing up.

      • Anonymous's avatar
        Anonymous
        5 years ago

        Hello @Vikram Boddu​  and @Maria Huang​ 

        Can you please still confirm if you're using version 1.3 of the plugin 138600 - Windows DNS Server RCE (CVE-2020-1350).

        Update for this plugin has it the feed on 2020/07/21. If you can confirm to us your plugin feed version that would help it should be 202007211621 or higher.

        If your feed version is previous you might need to update the feed and scan again.

        Let us know if you have further questions.

        Thanks