What is CVE-2000-1218?

CVE-2000-1218 is a critical-severity vulnerability in Microsoft Windows_2000, classified under Origin Validation Error. CVSS score: 9.8/10. Published 2000-04-14.

How severe is CVE-2000-1218?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Microsoft Windows_2000

CVE-2000-1218

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote…

EPSS: 0.061 (92.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

CWE-346 — Origin Validation Error

References

cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_XF)
cve@mitre.org (US Government Resource, x_refsource_CERT-VN, Third Party Advisory, third-party-advisory)

Frequently asked questions

What is CVE-2000-1218?: CVE-2000-1218 is a critical-severity vulnerability in Microsoft Windows_2000, classified under Origin Validation Error. CVSS score: 9.8/10. Published 2000-04-14.
How severe is CVE-2000-1218?: Critical severity. CVSS v3 base score is 9.8 out of 10.