Windows HTTP Protocol Stack CVE-2022-21907 Mitigation (EnableTrailerSupport)

info Nessus Plugin ID 156713
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Windows host is potentially missing a mitigation for a remote code execution vulnerability.

Description

The remote system may be in a vulnerable state to CVE-2022-21907 by having the following registry key set:
- HKLM\System\CurrentControlSet\Services\HTTP\Parameters\EnableTrailerSupport An unauthenticated, remote attacker could exploit this, by sending specially crafted requests, to execute arbitrary code on an affected host.

Solution

Delete the DWORD registry value EnableTrailerSupport if present under:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters

See Also

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21907

Plugin Details

Severity: Info

ID: 156713

File Name: smb_nt_ms22_jan_CVE-2022-21907_reg_check.nasl

Version: 1.3

Type: local

Agent: windows

Published: 1/13/2022

Updated: 1/14/2022

Dependencies: smb_hotfixes.nasl, smb_check_rollup.nasl

Vulnerability Information

CPE: cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Required KB Items: SMB/Registry/Enumerated

Patch Publication Date: 1/11/2022

Vulnerability Publication Date: 1/11/2022

Reference Information

IAVA: 2022-A-0012, 2022-A-0016