CVE-2015-0005 | Date: (C)2015-03-13 (M)2023-12-22 |
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability."
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V2 Severity: |
CVSS Score : 4.3 |
Exploit Score: 5.5 |
Impact Score: 4.9 |
|
CVSS V2 Metrics: |
Access Vector: ADJACENT_NETWORK |
Access Complexity: MEDIUM |
Authentication: NONE |
Confidentiality: PARTIAL |
Integrity: PARTIAL |
Availability: NONE |
| |