Vulnerability Details CVE-2016-3300
The Netlogon service in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 improperly establishes secure communications channels, which allows local users to gain privileges by leveraging access to a domain-joined machine, aka "Netlogon Elevation of Privilege Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- http://www.securityfocus.com/bid/92296
- http://www.securitytracker.com/id/1036576
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-101
- http://www.securityfocus.com/bid/92296
- http://www.securitytracker.com/id/1036576
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-101
Products affected by CVE-2016-3300
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:r2