CVE-2017-0279 — Corporation Server Message Block 1.0 vulnerability

13 documents5 sources

Severity

8.1HIGHNVD

NVD7.0

EPSS

2.0%

top 16.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Corporation Server Message Block 1.0 Microsoft Windows 10 Microsoft Windows Server 2008 +13 more

Timeline

PublishedMay 12

Latest updateMay 13

Description

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0272, CVE-2017-0277, and CVE-2017-0278.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:LExploitability: 2.2 | Impact: 4.7

Affected Packages15 packages

▶msrcmsrc/windows_server_2008

▶msrcmsrc/windows_server_2012

▶msrcmsrc/windows_server_2016

▶msrcmsrc/windows_server_2008_r2

▶msrcmsrc/windows_server_2012_r2

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-h2f6-5qrg-62w8: The Microsoft Server Message Block 1↗2022-05-13

▶

GHSA

GHSA-hrj7-qgrm-pp34: The Microsoft Server Message Block 1↗2022-05-13

▶

GHSA

GHSA-fgwg-p5ff-2987: The Microsoft Server Message Block 1↗2022-05-13

▶

GHSA

GHSA-5cgh-qxff-3rrw: The Microsoft Server Message Block 1↗2022-05-13

▶

📋Vendor Advisories

Microsoft

Windows SMB Remote Code Execution Vulnerability↗2017-05-09

▶

🕵️Threat Intelligence

Talos

Microsoft Patch Tuesday - May 2017↗2017-05-10

▶

Talos

Microsoft Patch Tuesday - May 2017↗2017-05-10

▶

Qualys

Microsoft Fixes Malware Protection Engine and Several 0-Day Vulnerabilities, and Deprecates SHA-1 | Qualys↗2017-05-09

▶

Qualys

Microsoft Fixes Malware Protection Engine and Several 0-Day Vulnerabilities, and Deprecates SHA-1↗2017-05-09

▶