CVE-2002-1256

Description

The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying group policy information sent from a domain controller.

Risk Information

Base Score

7.4

MODERATE

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

EPSS Score

Exploitation Probability

31.587

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234