CVE-2016-3300

The Netlogon service in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 improperly establishes secure communications channels, which allows local users to gain privileges by leveraging access to a domain-joined machine, aka "Netlogon Elevation of Privilege Vulnerability."
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

History

21 Nov 2024, 02:49

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/92296 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/92296 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1036576 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1036576 - Third Party Advisory, VDB Entry
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-101 - Patch, Vendor Advisory () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-101 - Patch, Vendor Advisory

Information

Published : 2016-08-09 21:59

Updated : 2024-11-21 02:49


NVD link : CVE-2016-3300

Mitre link : CVE-2016-3300

CVE.ORG link : CVE-2016-3300


JSON object : View

Products Affected

microsoft

  • windows_rt_8.1
  • windows_server_2012
  • windows_8.1
CWE
CWE-264

Permissions, Privileges, and Access Controls