← CVECheck
HomeVulnerabilities

CVE-2000-1217 — MEDIUM severity vulnerability (Microsoft Windows 2000 before Service Pack 2 (SP2), when run)

Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulne

CVE IDCVE-2000-1217
SeverityMEDIUM
CVSS score4.6
CVSS vectorAV:L/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2000-11-21
Last modified2026-04-16
DescriptionMicrosoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →