SAM and LSAD downgrade vulnerability in Microsoft Windows - CVE-2016-0128ID: oval:org.secpod.oval:def:33789 | Date: (C)2016-04-13 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2 or Windows 10 and is prone to SAM and LSAD downgrade vulnerability. A flaw is present in the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols, which accept authentication levels that do not protect them adequately and the way SAM and LSAD remote protocols establish the Remote Procedure Call (RPC) channel. An attacker who successfully exploited this vulnerability could gain access to the SAM database.
Platform: |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |
Microsoft Windows 7 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 10 |