Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-1381: Microsoft Windows Information Disclosure Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2019-1381: Microsoft Windows Information Disclosure Vulnerability

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:N/A:N)

Published

11/12/2019

Created

11/13/2019

Added

11/12/2019

Modified

11/18/2021

Description

An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations. An attacker who successfully exploited the vulnerability could potentially access unauthorized files. To exploit this vulnerability, an authenticated attacker could run a specially crafted application in user mode. The update addresses the vulnerability by checking files paths for symbolic links.

Solution(s)

msft-kb4523205-08d9ac19-de85-40b7-98f7-8c54091494c1
msft-kb4523205-61118c04-b0ba-49af-82b7-05cb038923fb
msft-kb4523205-c0e9628c-ad49-4a51-84c0-2e18951adb68
msft-kb4524570-29c1ec74-1dd6-400c-a4fe-28af68ababa8
msft-kb4524570-537f6d1a-6a65-43a7-8f77-e2ece9811d47
msft-kb4524570-92bf4fc2-1423-4d57-b6e6-109109dab39b
msft-kb4524570-a464324d-52ab-4b91-b5eb-15b5e8dfaa70
msft-kb4524570-bb3f5eb0-a6b4-429a-83b7-5c9ae5a5eefc
msft-kb4524570-ce36ff81-c1f3-4022-ae29-980d7649600a
msft-kb4525232-0b8dcdd1-a180-4e2e-b4eb-66374803c0b3
msft-kb4525232-91ccde2b-6718-4599-9726-e74786129012
msft-kb4525236-36511ef0-14b8-4883-a0bc-49c047981b50
msft-kb4525236-40726976-3112-4667-aa22-4e882e8b635a
msft-kb4525236-f6b77fe9-194d-4905-a0db-1fe77b95ca36
msft-kb4525237-57a23bad-45b7-4713-b02b-e56d08a2a792
msft-kb4525237-595c5dcb-7b6d-47ab-990b-062c0f566c14
msft-kb4525237-79db43fa-b958-4e04-8146-2b589c3fb50a
msft-kb4525241-394083ef-f78c-4b44-b085-b2252be4f21e
msft-kb4525241-8415f42c-519b-4c6a-af5c-5d0c9a0f90c7
msft-kb4525250-39712f55-86cb-4200-9005-8d57cd91032e
msft-kb4525250-a30c9519-8359-48e1-86d4-38791ad95200
msft-kb4525250-c95046b7-a6dd-4d23-9b73-68722b2533f4
msft-kb4525253-9cf980a2-7b40-426a-8253-4aca7b538ef6
msft-kb4525253-b11910e5-0a1d-4bdd-b307-3a56d5e3f1ee
msft-kb4525253-daab0091-1e65-4624-b280-015c007f30c1

References

https://attackerkb.com/topics/cve-2019-1381
CVE - 2019-1381
4523205
4524570
4525232
4525236
4525237
4525241
4525243
4525246
4525250
4525253

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-1381: Microsoft Windows Information Disclosure Vulnerability

Microsoft CVE-2019-1381: Microsoft Windows Information Disclosure Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.