Apr 14, 2015 - 12:00 a.m.

KLA10557 Security bypass vulnerability in Active Directory

2015-04-14 00:00:00
Kaspersky Lab
threats.kaspersky.com
CVSS2: 5.8 Medium

  • Attack Vector: NETWORK
  • Attack Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score: 6.5 Medium (Confidence: Low)

EPSS: 0.01 Low (Percentile: 83.9%)

Improper logoff handling was found in Microsoft Active Directory. By exploiting this vulnerability, malicious users can bypass security restrictions. The vulnerability can be exploited remotely via workstation manipulations.

Original advisories

MS15-040

CVE-2015-1638

Related products

Microsoft-Active-Directory

CVE list

CVE-2015-1638 high

KB list

3045711

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Impacts

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

  • Active Directory Federation Services version 3.0
