CVE-2013-3868

medium Microsoft
CVSS v3 Base Score
5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS Score
36.4%
Exploitation probability in 30 days
Top 3% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
None
Availability
None
Published: September 11, 2013 (4628 days ago)
Last Modified: April 29, 2026
Vendor: Microsoft
Source: NVD

Description

Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial of service (LDAP directory-service outage) via a crafted LDAP query, aka "Remote Anonymous DoS Vulnerability."

CWE

CWE-20

Affected Products

microsoft active directory lightweight directory servicemicrosoft windows server 2008microsoft windows 8microsoft windows 7microsoft windows server 2012microsoft windows vista

References

🔗 www.us-cert.gov 🔗 docs.microsoft.com 🔗 www.us-cert.gov 🔗 docs.microsoft.com