1. Home
  2. CVE Database
  3. CVE-2016-3226
MEDIUM · 6.5

CVE-2016-3226

Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service hang) by creating many machine accounts, ak...

Vulnerability Description

Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service hang) by creating many machine accounts, aka "Active Directory Denial of Service Vulnerability."

CVSS Score

6.5

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
MicrosoftWindows Server 2008r2
MicrosoftWindows Server 2012-

Related Weaknesses (CWE)

CWE-284

References

FAQ

What is CVE-2016-3226?

CVE-2016-3226 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service hang) by creating many machine accounts, ak...

How severe is CVE-2016-3226?

CVE-2016-3226 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-3226?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows Server 2008, Microsoft Windows Server 2012.