Microsoft CVE-2017-0147: Windows SMB Information Disclosure Vulnerability
|4||(AV:N/AC:M/Au:N/C:P/I:N/A:N)||March 14, 2017||March 14, 2017||October 30, 2017|
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv1 server.The security update addresses the vulnerability by correcting how SMBv1 handles these specially crafted requests.
This vulnerability is exploited through EternalChampion.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities