CVE-2016-0128

Published on: 04/12/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:13 PM UTC

CVE-2016-0128

Source: Mitre
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Certain versions of Windows 10 from Microsoft contain the following vulnerability:

The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "Windows SAM and LSAD Downgrade Vulnerability" or "BADLOCK."

  • CVE-2016-0128 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 6.8 - MEDIUM

Attack
Vector 		Attack
Complexity		 Privileges
Required		 User
Interaction
NETWORK HIGH NONE REQUIRED
Scope Confidentiality
Impact		 Integrity
Impact		 Availability
Impact
UNCHANGED HIGH HIGH NONE

CVSS2 Score: 5.8 - MEDIUM

Access
Vector		 Access
Complexity		 Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact		 Integrity
Impact		 Availability
Impact
PARTIAL PARTIAL NONE

CVE References

Description Tags Link
Broadcom Support Portal Third Party Advisory
bto.bluecoat.com
text/html
 URL Logo CONFIRM bto.bluecoat.com/security-advisory/sa122
Vulnerability Note VU#813296 - Microsoft Windows and Samba may allow spoofing of authenticated users ("Badlock") Third Party Advisory
US Government Resource
www.kb.cert.org
text/html
 URL Logo CERT-VN VU#813296
Badlock Bug Third Party Advisory
badlock.org
text/html
 URL Logo MISC badlock.org/
Samba - Security Announcement Archive Vendor Advisory
www.samba.org
text/html
 URL Logo MISC www.samba.org/samba/security/CVE-2016-2118.html
Microsoft Windows SAM/LSAD Connection Downgrade Attack Lets Remote Users Hijack the Target Session - SecurityTracker Third Party Advisory
VDB Entry
www.securitytracker.com
text/html
 URL Logo SECTRACK 1035534
Microsoft Security Bulletin MS16-047 - Important | Microsoft Docs Patch
Vendor Advisory
docs.microsoft.com
text/html
 URL Logo MS MS16-047
By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
Operating
System		MicrosoftWindows 10-AllAllAll
Operating
System		MicrosoftWindows 101511AllAllAll
Operating
System		MicrosoftWindows 10-AllAllAll
Operating
System		MicrosoftWindows 101511AllAllAll
Operating
System		MicrosoftWindows 7Allsp1AllAll
Operating
System		MicrosoftWindows 7Allsp1AllAll
Operating
System		MicrosoftWindows 8.1AllAllAllAll
Operating
System		MicrosoftWindows 8.1AllAllAllAll
Operating
System		MicrosoftWindows Rt 8.1-AllAllAll
Operating
System		MicrosoftWindows Rt 8.1-AllAllAll
Operating
System		MicrosoftWindows Server 2008Allsp2AllAll
Operating
System		MicrosoftWindows Server 2008r2sp1AllAll
Operating
System		MicrosoftWindows Server 2008Allsp2AllAll
Operating
System		MicrosoftWindows Server 2008r2sp1AllAll
Operating
System		MicrosoftWindows Server 2012-AllAllAll
Operating
System		MicrosoftWindows Server 2012r2AllAllAll
Operating
System		MicrosoftWindows Server 2012-AllAllAll
Operating
System		MicrosoftWindows Server 2012r2AllAllAll
Operating
System		MicrosoftWindows VistaAllsp2AllAll
Operating
System		MicrosoftWindows VistaAllsp2AllAll
  • cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*: