Windows HTTP Protocol Stack CVE-2022-21907 Mitigation (EnableTrailerSupport)

info Nessus Plugin ID 156713

Synopsis

The remote Windows host is potentially missing a mitigation for a remote code execution vulnerability.

Description

The remote system may be in a vulnerable state to CVE-2022-21907 by having the following registry key set:
- HKLM\System\CurrentControlSet\Services\HTTP\Parameters\EnableTrailerSupport An unauthenticated, remote attacker could exploit this, by sending specially crafted requests, to execute arbitrary code on an affected host.

Solution

Delete the DWORD registry value EnableTrailerSupport if present under:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters

See Also

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21907

Plugin Details

Severity: Info

ID: 156713

File Name: smb_nt_ms22_jan_CVE-2022-21907_reg_check.nasl

Version: 1.5

Type: local

Agent: windows

Published: 1/13/2022

Updated: 6/17/2024

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/o:microsoft:windows_10_1809, cpe:/o:microsoft:windows_server_2019

Required KB Items: SMB/Registry/Enumerated

Patch Publication Date: 1/11/2022

Vulnerability Publication Date: 1/11/2022

Reference Information

IAVA: 2022-A-0012-S, 2022-A-0016-S