cpe:/o:microsoft:windows_10:- cpe:/o:microsoft:windows_10:1511 cpe:/o:microsoft:windows_10:1607 cpe:/o:microsoft:windows_7::sp1 cpe:/o:microsoft:windows_8.1 cpe:/o:microsoft:windows_rt_8.1 cpe:/o:microsoft:windows_server_2008::sp2 cpe:/o:microsoft:windows_server_2008:r2:sp1 cpe:/o:microsoft:windows_server_2012:- cpe:/o:microsoft:windows_server_2012:r2 cpe:/o:microsoft:windows_vista::sp2 CVE-2016-3371 2016-09-14T06:59:46.000-04:00 2018-10-12T18:12:48.120-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov 2016-09-15T11:00:08.900-04:00 SECTRACK 1036802 EXPLOIT-DB 40429 BID 92814 MS MS16-111 The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly enforce permissions, which allows local users to obtain sensitive information via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."