CVE-2013-3868

Published Sep 11, 2013

Last updated a year ago

CVSS info 5.0

Overview

Description: Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial of service (LDAP directory-service outage) via a crafted LDAP query, aka "Remote Anonymous DoS Vulnerability."
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:active_directory_lightweight_directory_service:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E988C43E-C9C2-4ECC-8FF3-237ADE080691"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x86:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32C28EC2-8A34-4E30-A76A-86921D7332C1"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:active_directory_lightweight_directory_service:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E988C43E-C9C2-4ECC-8FF3-237ADE080691"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE8E7D74-0DCB-4633-B502-EDC2112229BA"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DAA2E6F-A666-4136-8F6B-E35C313CAB2B"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:active_directory_lightweight_directory_service:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E988C43E-C9C2-4ECC-8FF3-237ADE080691"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FA15D65-7C32-4C7A-9915-746AB3F454EE"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x86:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "976EFC05-9B37-4661-AD34-4FFDB5AB48E0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:active_directory_lightweight_directory_service:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E988C43E-C9C2-4ECC-8FF3-237ADE080691"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:active_directory_lightweight_directory_service:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E988C43E-C9C2-4ECC-8FF3-237ADE080691"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References