CVE-2002-0018

N/A Unknown
Published: March 08, 2002 Modified: April 16, 2026
View on NVD

Description

In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://www.securityfocus.com/bid/3997
Source: cve@mitre.org
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-001
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/8023
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A159
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A64
Source: cve@mitre.org
http://www.securityfocus.com/bid/3997
Source: af854a3a-2127-422b-91ae-364da2661108
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-001
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/8023
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A159
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A64
Source: af854a3a-2127-422b-91ae-364da2661108

10 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
36.2%
97th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

microsoft