Vulnerability Data

by Reconmap

CVE-2017-0276

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka "Windows SMB Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, and CVE-2017-0275.

Published at
2017-05-12T14:29Z
2564 days ago
Modified
2018-03-28T01:29Z
2245 days ago
CWE-200
Problem type

Impact

CVSS v3 vector string
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Severity Score Vector

5.9CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

References


URLType
portal.msrc.microsoft.com
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0276		CONFIRM
98268
http://www.securityfocus.com/bid/98268		BID
ics-cert.us-cert.gov
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02		MISC

GET https://vulnerabilitydata.com/api/details/CVE-2017-0276

{
	"id": "CVE-2017-0276",
	"published_date": "2017-05-12T14:29Z",
	"last_modified_date": "2018-03-28T01:29Z",
	"assigner": "secure@microsoft.com",
	"description": "Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, and CVE-2017-0275.",
	"references": [
		{
			"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0276",
			"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0276",
			"refsource": "CONFIRM",
			"tags": [
				"Mitigation",
				"Patch",
				"Vendor Advisory"
			]
		},
		{
			"url": "http://www.securityfocus.com/bid/98268",
			"name": "98268",
			"refsource": "BID",
			"tags": [
				"Third Party Advisory",
				"VDB Entry"
			]
		},
		{
			"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
			"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
			"refsource": "MISC",
			"tags": []
		}
	],
	"impact": {
		"baseMetricV3": {
			"cvssV3": {
				"version": "3.0",
				"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
				"attackVector": "NETWORK",
				"attackComplexity": "HIGH",
				"privilegesRequired": "NONE",
				"userInteraction": "NONE",
				"scope": "UNCHANGED",
				"confidentialityImpact": "HIGH",
				"integrityImpact": "NONE",
				"availabilityImpact": "NONE",
				"baseScore": 5.9,
				"baseSeverity": "MEDIUM"
			},
			"exploitabilityScore": 2.2,
			"impactScore": 3.6
		},
		"baseMetricV2": {
			"cvssV2": {
				"version": "2.0",
				"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
				"accessVector": "NETWORK",
				"accessComplexity": "MEDIUM",
				"authentication": "NONE",
				"confidentialityImpact": "PARTIAL",
				"integrityImpact": "NONE",
				"availabilityImpact": "NONE",
				"baseScore": 4.3
			},
			"severity": "MEDIUM",
			"exploitabilityScore": 8.6,
			"impactScore": 2.9,
			"obtainAllPrivilege": false,
			"obtainUserPrivilege": false,
			"obtainOtherPrivilege": false,
			"userInteractionRequired": false
		}
	},
	"problem_type": "CWE-200"
}