6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Microsoft Windows Local Security Authority Subsystem Service is an internal program of Microsoft Corporation (USA) that runs Windows system security policies. It verifies user identity, manages user password changes, and generates access characters when a user logs on to a computer standalone or server. It also leaves due records in the Windows security log. A denial of service vulnerability exists in Microsoft Windows Local Security Authority Subsystem Service (LSASS), which stems from a failure to properly handle incoming error messages, and can be exploited by an attacker to cause an application denial of service.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft windows | eq | 8.1 |