CVE-2021-36960
published 2021-09-15CVE-2021-36960: Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability
high7.5
Windows SMB Information Disclosure Vulnerability
Windows SMB Information Disclosure Vulnerability
Affected
35 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_version_1507 | >= 10.0.0 < 10.0.10240.19060 | 10.0.10240.19060 |
| microsoft | windows_10_version_1607 | >= 10.0.0 < 10.0.14393.4651 | 10.0.14393.4651 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.2183 | 10.0.17763.2183 |
| microsoft | windows_10_version_1909 | >= 10.0.0 < 10.0.18363.1801 | 10.0.18363.1801 |
| microsoft | windows_10_version_2004 | >= 10.0.0 < 10.0.19041.1237 | 10.0.19041.1237 |
| microsoft | windows_10_version_20h2 | >= 10.0.0 < 10.0.19042.1237 | 10.0.19042.1237 |
| microsoft | windows_10_version_21h1 | >= 10.0.0 < 10.0.19043.1237 | 10.0.19043.1237 |
| microsoft | windows_7 | >= 6.1.0 < 6.1.7601.25712 | 6.1.7601.25712 |
| microsoft | windows_7_service_pack_1 | >= 6.1.0 < 6.1.7601.25712 | 6.1.7601.25712 |
| microsoft | windows_8.1 | >= 6.3.0 < 6.3.9600.20120 | 6.3.9600.20120 |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.0.0 < 6.1.7601.25712 | 6.1.7601.25712 |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.0 < 6.1.7601.25712 | 6.1.7601.25712 |
| microsoft | windows_server_2012 | >= 6.2.0 < 6.2.9200.23462 | 6.2.9200.23462 |
| microsoft | windows_server_2012_r2 | >= 6.3.0 < 6.3.9600.20120 | 6.3.9600.20120 |
| microsoft | windows_server_2016 | >= 10.0.0 < 10.0.14393.4651 | 10.0.14393.4651 |
| microsoft | windows_server_2019 | >= 10.0.0 < 10.0.17763.2183 | 10.0.17763.2183 |
| microsoft | windows_server_2022 | >= 10.0.0 < 10.0.20348.230 | 10.0.20348.230 |
| microsoft | windows_server_version_2004 | >= 10.0.0 < 10.0.19041.1237 | 10.0.19041.1237 |
| microsoft | windows_server_version_20h2 | >= 10.0.0 < 10.0.19042.1237 | 10.0.19042.1237 |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_1909 | — | — |
| msrc | windows_10_version_2004 | — | — |
| msrc | windows_10_version_20h2 | — | — |
GHSA
GHSA-m784-4mwr-q2x2: Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36960
ghsa_unreviewed·2022-05-24·CVSS 7.5
CVE-2021-36972 [HIGH] GHSA-m784-4mwr-q2x2: Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36960
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36960.
GHSA
GHSA-v5q4-4mmg-j37c: Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36972
ghsa_unreviewed·2022-05-24·CVSS 5.5
CVE-2021-36960 [MEDIUM] GHSA-v5q4-4mmg-j37c: Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36972
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36972.
CVEList
Windows SMB Information Disclosure Vulnerability
cvelistv5·2021-09-15·CVSS 7.5
CVE-2021-36960 [HIGH] Windows SMB Information Disclosure Vulnerability
Windows SMB Information Disclosure Vulnerability
Windows SMB Information Disclosure Vulnerability
Microsoft
Windows SMB Information Disclosure Vulnerability
vendor_msrc·2021-09-14·CVSS 7.5
CVE-2021-36960 [HIGH] Windows SMB Information Disclosure Vulnerability
Windows SMB Information Disclosure Vulnerability
FAQ: What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process.
Windows SMB: Windows SMB
Microsoft: Microsoft
Impact: Information Disclosure
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5005568
Reference: https://support.microsoft.com/help/5005568
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?
No detection rules found.
No public exploits indexed.
2021-09-15
Published