CVE-2015-0006 - Vulnerability Details - OpenCVE

The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka "NLA Security Feature Bypass Vulnerability."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Complete

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows 7 Windows 8 Windows 8.1 Windows Rt 8.1 Windows Server 2003 Windows Server 2008 Windows Server 2012 Windows Vista

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_7:-:sp1::::::
	cpe:2.3:o:microsoft:windows_8:-:::::::*
	cpe:2.3:o:microsoft:windows_8.1:-:::::::*
	cpe:2.3:o:microsoft:windows_rt_8.1:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2003::sp2::::::*
	cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::
	cpe:2.3:o:microsoft:windows_server_2008:r2:sp1::::::
	cpe:2.3:o:microsoft:windows_server_2012:-:gold::::::
	cpe:2.3:o:microsoft:windows_server_2012:r2:::::x64::
	cpe:2.3:o:microsoft:windows_vista:-:sp2::::::

No data.

References

Link	Providers
http://secunia.com/advisories/62098
http://secunia.com/advisories/62184
http://www.securityfocus.com/bid/71930
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005
https://exchange.xforce.ibmcloud.com/vulnerabilities/99521
https://exchange.xforce.ibmcloud.com/vulnerabilities/99522

History

No history.

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2015-01-13T22:00:00

Updated: 2024-08-06T03:55:27.750Z

Reserved: 2014-11-18T00:00:00

Link: CVE-2015-0006

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2015-01-13T22:59:03.580

Modified: 2025-04-12T10:46:40.837

Link: CVE-2015-0006

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-01-13T00:00:00", "descriptions": [{"lang": "en", "value": "The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \"NLA Security Feature Bypass Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "62184", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/62184"}, {"name": "MS15-005", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"}, {"name": "71930", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/71930"}, {"name": "win-ms15kb3022777-update(99522)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"}, {"name": "62098", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/62098"}, {"name": "ms-nla-cve20150006-security-bypass(99521)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2015-0006", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \"NLA Security Feature Bypass Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "62184", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62184"}, {"name": "MS15-005", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"}, {"name": "71930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71930"}, {"name": "win-ms15kb3022777-update(99522)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"}, {"name": "62098", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62098"}, {"name": "ms-nla-cve20150006-security-bypass(99521)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T03:55:27.750Z"}, "title": "CVE Program Container", "references": [{"name": "62184", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/62184"}, {"name": "MS15-005", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"}, {"name": "71930", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/71930"}, {"name": "win-ms15kb3022777-update(99522)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"}, {"name": "62098", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/62098"}, {"name": "ms-nla-cve20150006-security-bypass(99521)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2015-0006", "datePublished": "2015-01-13T22:00:00", "dateReserved": "2014-11-18T00:00:00", "dateUpdated": "2024-08-06T03:55:27.750Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:gold:*:*:*:*:*:*", "matchCriteriaId": "AB506484-7F0C-46BF-8EA6-4FB5AF454CED", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:x64:*:*", "matchCriteriaId": "D29A1464-D228-4E0D-8FEA-06B9CBCA7F74", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \"NLA Security Feature Bypass Vulnerability.\""}, {"lang": "es", "value": "El servicio Network Location Awareness (NLA) de Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, y Windows Server 2012 Gold y R2 no realiza autenticaci\u00f3n rec\u00edproca para determinar un dominio de conexi\u00f3n, lo que permite atacantes remotos lanzar una configuraci\u00f3n permisiva no intencionada mediante suplantaci\u00f3n de DNS y respuestas LDAP en la red local, tambi\u00e9n conocido como 'NLA Security Feature Bypass Vulnerability.'"}], "id": "CVE-2015-0006", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-01-13T22:59:03.580", "references": [{"source": "secure@microsoft.com", "url": "http://secunia.com/advisories/62098"}, {"source": "secure@microsoft.com", "url": "http://secunia.com/advisories/62184"}, {"source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/71930"}, {"source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"}, {"source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"}, {"source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/62098"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/62184"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/71930"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}