CVE-2015-0008 Details

CVE-2015-0008

Published: 2015-02-11
Last Modified: 2019-10-29
CVE Author: NIST National Vulnerability Database
CVE Assigner: cve@mitre.org
Summary

The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not include authentication from the server to the client, which allows remote attackers to execute arbitrary code by making crafted data available on a UNC share, as demonstrated by Group Policy data from a spoofed domain controller, aka "Group Policy Remote Code Execution Vulnerability."

Analysis
Common Vulnerability Score System v2.0
Severity High
Base Score 8.3/10
Exploit Score 6.5/10
Access Vector Adjacent_network
Access Complexity Low
Authentication None
Impact Score 10/10
Confidentiality Impact Complete
Availability Impact Complete
Integrity Impact Complete
Vector String AV:A/AC:L/Au:N/C:C/I:C/A:C
Common Vulnerability Score System v3.1

NIST has not assigned a CVSSv3.1 Score.

Products Reported
CPE Vulnerable Start Excluding
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* Yes - -
cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:* Yes - -
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* Yes - -
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:* Yes - -
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* Yes - -
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* Yes - -
References

http://blogs.technet.com/b/srd/archive/2015/02/10/ms15-011-amp-ms15-014-hardening-group-policy.aspx
http://packetstormsecurity.com/files/155002/Microsoft-Windows-Server-2012-Group-Policy-Remote-Code-Execution.html
http://www.kb.cert.org/vuls/id/787252
http://www.securityfocus.com/bid/72477
http://www.securitytracker.com/id/1031719
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-011
https://exchange.xforce.ibmcloud.com/vulnerabilities/100426
https://www.jasadvisors.com/additonal-jasbug-security-exploit-info/

CVE ID
CVE-2015-0008
Published
2015-02-11
Modified
2019-10-29
CVSSv2.0
High
PCI Compliance
Fail
US-CERT Alert
No
CWE
CWE-284

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities.