3.3
CVSSv2

CVE-2015-2374

Published: 14/07/2015 Updated: 08/05/2019
CVSS v2 Base Score: 3.3 | Impact Score: 2.9 | Exploitability Score: 6.5
VMScore: 294
Vector: AV:A/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly implement domain-controller communication, which allows remote malicious users to discover credentials by leveraging certain PDC access and spoofing the BDC role in a PDC communication channel, aka "Elevation of Privilege Vulnerability in Netlogon."

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 2003 server

microsoft windows server 2012 r2

microsoft windows server 2008 r2

microsoft windows server 2012 -

microsoft windows 2003 server r2

microsoft windows server 2008 -

Recent Articles

Microsoft Security Updates July 2015
Securelist • Kurt Baumgartner • 14 Jul 2015

Microsoft releases a long list of updates to multiple technologies today with 14 Security Bulletins (MS15-058, MS15-065 – MS15-077) patching 58 vulnerabilities, and at least 47 of them reported through a a responsible disclosure channel. Meanwhile, several are being used and detected ITW as a part of limited targeted attacks, like the Microsoft Office RCE cve-2015-2424, ATMFD.DLL EoP cve-2015-2387, and the Internet Explorer JScript9 RCE cve-2015-2419. Some were the result of breach leaks as ...