Vulnerability Name:

CVE-2014-0296 (CCN-93430)

Assigned:2013-12-03
Published:2014-06-10
Updated:2019-05-15
Summary:The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify session content by sending crafted RDP packets, aka "RDP MAC Vulnerability."
CVSS v3 Severity:5.4 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Adjacent
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.8 Medium (CCN CVSS v2 Vector: AV:A/AC:L/Au:N/C:P/I:P/A:N)
3.5 Low (CCN Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-310
Vulnerability Consequences:Bypass Security
References:Source: CONFIRM
Type: Third Party Advisory
http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx

Source: MITRE
Type: CNA
CVE-2014-0296

Source: SECUNIA
Type: Third Party Advisory
58524

Source: CCN
Type: Microsoft Security Bulletin MS14-030
Vulnerability in Remote Desktop Could Allow Tampering (2969259)

Source: BID
Type: Third Party Advisory, VDB Entry
67865

Source: CCN
Type: BID-67865
Microsoft Windows Remote Desktop Protocol CVE-2014-0296 Security Bypass Vulnerability

Source: MS
Type: Patch, Vendor Advisory
MS14-030

Source: XF
Type: UNKNOWN
ms-win-cve20140296-sec-bypass(93430)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/o:microsoft:windows_7:-:sp1:-:*:-:-:x32:*
  • OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x64:*
  • OR cpe:/o:microsoft:windows_8:-:-:-:*:-:-:x32:*
  • OR cpe:/o:microsoft:windows_8:-:-:-:*:-:-:x64:*
  • OR cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8.1:-:-:-:*:-:-:x32:*
  • OR cpe:/o:microsoft:windows_8.1:-:*:*:*:pro_n:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:24801
    V
    RDP MAC Vulnerability (CVE-2014-0296) - MS14-030
    2014-07-28
    BACK
    microsoft windows 7 - sp1
    microsoft windows 8 -
    microsoft windows 8.1 -
    microsoft windows server 2012 -
    microsoft windows server 2012 r2
    microsoft windows 7 - sp1
    microsoft windows 7 - sp1
    microsoft windows 8 - -
    microsoft windows 8 - -
    microsoft windows server 2012
    microsoft windows 8.1 - -
    microsoft windows 8.1 - -
    microsoft windows server 2012 r2