Elevation of privilege vulnerability in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS)ID: oval:org.secpod.oval:def:2716 | Date: (C)2011-11-09 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
The host is installed with Active Directory or Active Directory Application Mode (ADAM) or Active Directory Lightweight Directory Service (AD LDS) and is prone to elevation of privilege vulnerability. A flaw is present in the application, which is caused when Active Directory is configured to use LDAPS and fails to validate the revocation status of SSL certificate against the Certificate Revocation List (CRL) associated with the domain account. Successful exploitation allows attackers to obtain access to network resources or run code under the privileges of a specific authorized user.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Active Directory |
Active Directory Application Mode |