ID CVE-2016-0019
Summary The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka "Windows Remote Desktop Protocol Security Bypass Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*
  • cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*
  • cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:x64:*
  • cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:x86:*
CVSS
Base: 9.3 (as of 30-10-2018 - 16:27)
Impact:
Exploitability:
CWE CWE-254
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
msbulletin via4
bulletin_id MS16-007
bulletin_url
date 2016-01-12T00:00:00
impact Remote Code Execution
knowledgebase_id 3124901
knowledgebase_url
severity Important
title Security Update for Microsoft Windows to Address Remote Code Execution
refmap via4
sectrack 1034659
Last major update 30-10-2018 - 16:27
Published 13-01-2016 - 05:59
Last modified 30-10-2018 - 16:27
Back to Top