Home

CVE-2017-11782

Description

The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 and Windows Server 2016, allows an elevation of privilege vulnerability when an attacker sends specially crafted requests to the server, aka Windows SMB Elevation of Privilege Vulnerability.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
0.724

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Edge Information Disclosure Vulnerability for Windows Server 2016 for x64-based Systems (KB4041691) - CumulativeWindows
Microsoft Edge Information Disclosure Vulnerability for Windows Server 2016 for x64-based Systems (KB4041691) - DeltaWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4041691) - CumulativeWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4041691) - DeltaWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4041691) - CumulativeWindows
Microsoft Edge Information Disclosure Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4041691) - DeltaWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-23209Cumulative Update for Windows Server 2016 for x64-based Systems (KB4041691)
PATCH-23210Delta Update for Windows Server 2016 for x64-based Systems (KB4041691)
PATCH-23206Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4041691)
PATCH-23208Delta Update for Windows 10 Version 1607 for x64-based Systems (KB4041691)
PATCH-23205Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4041691)
PATCH-23207Delta Update for Windows 10 Version 1607 for x86-based Systems (KB4041691)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234