vulnerability
Microsoft Windows: CVE-2019-1172: Windows Information Disclosure Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Aug 13, 2019 | Aug 13, 2019 | Sep 5, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Aug 13, 2019
Added
Aug 13, 2019
Modified
Sep 5, 2025
Description
An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session, aka 'Windows Information Disclosure Vulnerability'.
Solutions
microsoft-windows-windows_10-1507-kb4512497microsoft-windows-windows_10-1607-kb4512517microsoft-windows-windows_10-1703-kb4512507microsoft-windows-windows_10-1709-kb4512516microsoft-windows-windows_10-1803-kb4512501microsoft-windows-windows_10-1809-kb4511553microsoft-windows-windows_10-1903-kb4512508microsoft-windows-windows_server_2012_r2-kb4512489microsoft-windows-windows_server_2016-1607-kb4512517microsoft-windows-windows_server_2019-1809-kb4511553msft-kb4512489-90af280c-d27d-450d-a8de-81ca67856fc0msft-kb4512489-bfc44f53-1c17-46df-9be6-9009a1a38c70msft-kb4512508-35cff443-e9f5-4d0a-a8fc-7fe8a39ab515
References
- CVE-2019-1172
- https://attackerkb.com/topics/CVE-2019-1172
- CWE-200
- https://support.microsoft.com/help/4511553
- https://support.microsoft.com/help/4512489
- https://support.microsoft.com/help/4512497
- https://support.microsoft.com/help/4512501
- https://support.microsoft.com/help/4512507
- https://support.microsoft.com/help/4512508
- https://support.microsoft.com/help/4512516
- https://support.microsoft.com/help/4512517
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.