← CVECheck
HomeVulnerabilities

CVE-2000-1200 — MEDIUM severity vulnerability (Windows NT allows remote attackers to list all users in a do)

Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.

CVE IDCVE-2000-1200
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2001-08-31
Last modified2026-04-16
DescriptionWindows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →