Vulnerability Description
Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
References
- http://www.kb.cert.org/vuls/id/818496US Government Resource
- http://www.securityfocus.com/bid/1973
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-08
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5585
- http://www.kb.cert.org/vuls/id/818496US Government Resource
- http://www.securityfocus.com/bid/1973
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-08
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5585
FAQ
What is CVE-2000-1217?
CVE-2000-1217 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users t...
How severe is CVE-2000-1217?
CVE-2000-1217 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-1217?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000.