CVE-2016-3352

Sažetak

Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check NTLM SSO requests for MSA logins, which makes it easier for remote attackers to determine passwords via a brute-force attack on NTLM password hashes, aka "Microsoft Information Disclosure Vulnerability."

Reference

http://www.securityfocus.com/bid/92852
http://www.securitytracker.com/id/1036798
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-110

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

12-10-2018 - 22:12

Objavljeno

14-09-2016 - 10:59