Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMicrosoftCVELIST:CVE-2013-3876
HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-3876

2022-10-0316:14:45
microsoft
www.cve.org
directaccess
certificate verification
windows vulnerability
man-in-the-middle
x.509 certificates
domain credentials

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.6%

JSON

DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly verify server X.509 certificates, which allows man-in-the-middle attackers to spoof servers and read encrypted domain credentials via a crafted certificate.

Related

nessus 1
cve 1
symantec 1
openvas 1
prion 1
nvd 1
nessus
nessus
MS KB2862152: Vulnerability in DirectAccess Could Allow Security Feature Bypass
2013-11-13 00:00:00
cve
cve
CVE-2013-3876
2022-10-03 16:14:45
symantec
symantec
Microsoft Windows DirectAccess CVE-2013-3876 Security Bypass Vulnerability
2013-11-12 00:00:00
openvas
openvas
Microsoft DirectAccess Security Advisory (2862152)
2013-11-14 00:00:00
prion
prion
Code injection
2013-11-18 03:55:00
nvd
nvd
CVE-2013-3876
2013-11-18 03:55:05

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.6%

JSON
Related for CVELIST:CVE-2013-3876
nessus1cve1symantec1openvas1prion1nvd1