CVE-2016-3300

high

Description

The Netlogon service in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 improperly establishes secure communications channels, which allows local users to gain privileges by leveraging access to a domain-joined machine, aka "Netlogon Elevation of Privilege Vulnerability."

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-101

http://www.securitytracker.com/id/1036576

http://www.securityfocus.com/bid/92296

Details

Source: Mitre, NVD

Published: 2016-08-09

Updated: 2019-05-15

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High