Main Vulnerability Database Vulnerabilities #VU6016

#VU6016 Information disclosure in Windows and Windows Server - CVE-2017-0147

Published: March 14, 2017 / Updated: November 20, 2020

Vulnerability identifier: #VU6016

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Green

CVE-ID: CVE-2017-0147

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: The vulnerability is being exploited in the wild

Vulnerable software:
Windows
Windows Server

Software vendor:
Microsoft

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an error when parsing requests in Microsoft Server Message Block 1.0 (SMBv1) server. A remote unauthenticated attacker can send specially crafted SMB packets and gain access to potentially sensitive data.

Successful exploitation of this vulnerability may allow an attacker to gain access to potentially sensitive information.

Note: this vulnerability has been exploited in the wild and is publicly known as EternalChampion exploit.

Remediation

Install updates from vendor's website.

External links

https://technet.microsoft.com/en-us/library/security/MS17-010

#VU6016 Information disclosure in Windows and Windows Server - CVE-2017-0147

Description

Remediation

External links

Please verify you're human