Certificate Verification Flaw in Microsoft Windows Products
CVE-2013-3876

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Xp; Windows Server 2008; Windows Server 2012; Windows Rt
Vendor: CVE Published:; 18 November 2013

Summary

This vulnerability affects multiple Microsoft Windows versions by failing to properly verify X.509 certificates during DirectAccess. This flaw can be exploited by man-in-the-middle attackers, who could potentially spoof servers and intercept encrypted domain credentials, compromising sensitive information. To mitigate this risk, it is essential for users to apply the latest security updates provided by Microsoft.

References

http://technet.microsoft.com/security/advisory/2862152

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 18, 2013