Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-0821: Windows SMB Information Disclosure Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2019-0821: Windows SMB Information Disclosure Vulnerability

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

03/12/2019

Created

03/19/2019

Added

03/12/2019

Modified

11/18/2021

Description

An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests. An authenticated attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, an attacker would have to be able to authenticate and send SMB messages to an impacted Windows SMB Server The security update addresses the vulnerability by correcting how Windows SMB Server handles authenticated requests.

Solution(s)

msft-kb4489868-33aaf8ee-bfe9-4b24-ab07-d33a207fe74f
msft-kb4489868-3f9ff099-4497-4d8f-8410-f581ca2adeca
msft-kb4489868-b9b03135-18e3-474e-b97e-92c5565b35d4
msft-kb4489871-9b31b540-f8b3-4f03-8f29-005f7d421d43
msft-kb4489871-e271833d-28ff-43a0-b7d8-b1e5c5a93d8c
msft-kb4489872-3280f200-94d5-4a5f-81eb-12424a537abe
msft-kb4489872-56edc7c3-4ac8-4a51-81f1-8463d0eb21f7
msft-kb4489876-18f924a7-7f0d-4279-bf69-886bfa90a9ec
msft-kb4489876-81a89161-0a81-44b7-b3ce-b8c5cb877a47
msft-kb4489876-c480ad4e-3b9e-4b62-b6ed-a4e00278a119
msft-kb4489882-5d3d2503-4a76-4dc2-a395-8989acce486a
msft-kb4489882-a14d08bb-f09a-41b4-9097-0470256e2676
msft-kb4489882-a1db880d-92ad-4d8d-b54e-5daee2a7d6c5
msft-kb4489883-1e9a46e5-c67d-4806-8593-86b3bc55b0b2
msft-kb4489883-bcd29f1b-390e-44e9-a525-9accf112de47
msft-kb4489883-dded804a-129f-4644-899c-e49ccd2bad2c
msft-kb4489884-c05adca0-4814-4c86-84f0-cb0b6df57f36
msft-kb4489884-d1ff569c-adbc-446a-989a-cb2c1be01b6f
msft-kb4489884-f0b8e848-d79d-4bf2-a5a3-5e089b9ddb9f
msft-kb4489885-3ab93f71-ab60-4ee0-aa79-27ce364a30fa
msft-kb4489885-60a3929e-830c-42ff-adfc-1a96a1e0c62c
msft-kb4489885-73542c86-d962-40fa-b29f-cf79d99df0a8
msft-kb4489885-8879d45b-1af9-44d4-bc42-a1b1094609b9
msft-kb4489885-acf512a8-958c-4759-8464-caf71a59547a
msft-kb4489885-f429ca5a-3698-46fa-91d7-8a2c7f0f6074
msft-kb4489886-12bf2378-16b2-487f-8db6-83ff03bfa7a9
msft-kb4489886-ab4cb9ed-6d89-42de-9bc7-cbabd418c61b
msft-kb4489886-b208212d-28b0-4233-a438-ad65fb8930fa
msft-kb4489899-70f7a999-6f9b-4642-9523-607f667794ab
msft-kb4489899-7cc6b8e5-2f5e-4f99-9392-76d34b953cf5
msft-kb4489899-9569d191-0418-4b50-94f0-28e1862f7c18

References

https://attackerkb.com/topics/cve-2019-0821
CVE - 2019-0821
4489868
4489871
4489872
4489876
4489878
4489880
4489881
4489882
4489883
4489884
4489885
4489886
4489891
4489899

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-0821: Windows SMB Information Disclosure Vulnerability

Microsoft CVE-2019-0821: Windows SMB Information Disclosure Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.