CVE-2016-0128 : The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7

The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "Windows SAM and LSAD Downgrade Vulnerability" or "BADLOCK."

Published 2016-04-12 23:59:07

Updated 2019-09-27 17:21:56

Source Microsoft Corporation

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2016-0128

Probability of exploitation activity in the next 30 days: 2.06%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 88 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-0128

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:N	8.6	4.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None
6.8	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N	1.6	5.2	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: None

CWE ids for CVE-2016-0128

CWE-254

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-0128

https://www.samba.org/samba/security/CVE-2016-2118.html

Samba - Security Announcement Archive
Vendor Advisory

CVEs referencing this url
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-047

Microsoft Security Bulletin MS16-047 - Important | Microsoft Docs
Patch;Vendor Advisory
http://badlock.org/

Open Source SMB & AD
Third Party Advisory

CVEs referencing this url
https://bto.bluecoat.com/security-advisory/sa122

SA122 : SMB Vulnerabilities in Windows and Samba (Badlock)
Third Party Advisory

CVEs referencing this url
http://www.securitytracker.com/id/1035534

Microsoft Windows SAM/LSAD Connection Downgrade Attack Lets Remote Users Hijack the Target Session - SecurityTracker
Third Party Advisory;VDB Entry
https://www.kb.cert.org/vuls/id/813296

VU#813296 - Microsoft Windows and Samba may allow spoofing of authenticated users ("Badlock")
Third Party Advisory;US Government Resource

CVEs referencing this url

Products affected by CVE-2016-0128

Microsoft » Windows Vista » Update SP2
cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » Update SP2
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » Version: R2 Update SP1
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
Matching versions
Microsoft » Windows 7 » Update SP1
cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2012 » Version: N/A
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2012 » Version: R2
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 8.1
cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Rt 8.1 » Version: N/A
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: N/A
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 1511
cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2016-0128

Exploit prediction scoring system (EPSS) score for CVE-2016-0128

CVSS scores for CVE-2016-0128

CWE ids for CVE-2016-0128

References for CVE-2016-0128

Products affected by CVE-2016-0128