CVE-2005-3176

2022-10-0316:22:38

mitre

www.cve.org

microsoft

windows 2000

update rollup

terminal services

security log

ip address

attack detection

6.4 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.2%

JSON

Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Terminal Services client in a security log event if the client connects successfully, which could make it easier for attackers to escape detection.

References

support.microsoft.com/kb/891076

support.microsoft.com/kb/900345