CVE-2014-6318

Microsoft RDP - Auth Bypass

Title source: llm

Description

The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly log unauthorized login attempts supplying valid credentials, which makes it easier for remote attackers to bypass intended access restrictions via a series of attempts, aka "Remote Desktop Protocol (RDP) Failure to Audit Vulnerability."

References (4)

[Vendor Advisory] http://blogs.technet.com/b/srd/archive/2014/11/11/assessing-risk-for-the-november-2014-security-updates.aspx

[Third Party Advisory] http://secunia.com/advisories/60089

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/70981

[Patch, Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-074

Scores

EPSS 0.3160

EPSS Percentile 96.7%

Classification

CWE

CWE-287

Status draft

Affected Products (11)

microsoft/windows_7

microsoft/windows_8

microsoft/windows_8.1

microsoft/windows_rt

microsoft/windows_rt_8.1

microsoft/windows_server_2008

microsoft/windows_server_2008

microsoft/windows_server_2008

microsoft/windows_server_2012

microsoft/windows_server_2012

microsoft/windows_vista

Timeline

Published Nov 11, 2014

Tracked Since Feb 18, 2026