Vulnerability Name: | CVE-2016-3287 (CCN-114866) | ||||||||||||
Assigned: | 2016-07-12 | ||||||||||||
Published: | 2016-07-12 | ||||||||||||
Updated: | 2018-10-12 | ||||||||||||
Summary: | Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative access to install a crafted policy, aka "Secure Boot Security Feature Bypass." | ||||||||||||
CVSS v3 Severity: | 4.4 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N) 4.0 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||||||
Vulnerability Type: | CWE-254 | ||||||||||||
Vulnerability Consequences: | Bypass Security | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2016-3287 Source: CCN Type: Microsoft Security Bulletin MS16-094 Security Update for Secure Boot (3177404) Source: BID Type: UNKNOWN 91604 Source: CCN Type: BID-91604 Microsoft Windows CVE-2016-3287 Local Security Bypass Vulnerability Source: SECTRACK Type: UNKNOWN 1036290 Source: MS Type: UNKNOWN MS16-094 Source: XF Type: UNKNOWN ms-windows-cve20163287-sec-bypass(114866) | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||
BACK |