Check: 2016-A-0049
Windows 2012 IAVM:
2016-A-0049
(in version v1 r30)
Title
Microsoft WebDAV Information Disclosure Vulnerability (MS16-016) (Cat II impact)
Discussion
Microsoft has released a security bulletin addressing information disclosure vulnerability in the Microsoft Web Distributed Authoring and Versioning (WebDAV) client. To exploit this vulnerability, an attacker would force an encrypted SSL 2.0 session with a WebDAV server that has SSL 2.0 enabled and use a man-in-the-middle (MiTM) attack to decrypt portions of the encrypted traffic. If successfully exploited, an attacker would bypass security restrictions resulting in the compromised of the affected system.
Check Content
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-65819
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |