Vulnerability Manager Plus

LDAP Elevation of Privilege Vulnerability for Windows Server 2012 (KB4015548) - Petya ransomware attack (CVE-2017-0199)

Risk Information

Base Score

8.1

MODERATE

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

EPSS Score

Exploitation Probability

94.327%

CVE Information

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
22280

Patch Description
April, 2017 Security Only Quality Update for Windows Server 2012 (KB4015548) - Petya ransomware attack (CVE-2017-0199)

References

http://pastebin.com/raw/Eztknq4s
http://rewtin.blogspot.nl/2017/04/cve-2017-0199-practical-exploitation-poc.html
http://www.securityfocus.com/bid/96098
http://www.securityfocus.com/bid/97427
http://www.securityfocus.com/bid/97437
http://www.securityfocus.com/bid/97438
http://www.securityfocus.com/bid/97446
http://www.securityfocus.com/bid/97452
http://www.securityfocus.com/bid/97455
http://www.securityfocus.com/bid/97462
http://www.securityfocus.com/bid/97466
http://www.securityfocus.com/bid/97475
http://www.securityfocus.com/bid/97498
http://www.securityfocus.com/bid/97507
http://www.securityfocus.com/bid/97514
http://www.securitytracker.com/id/1038016
http://www.securitytracker.com/id/1038224
http://www.securitytracker.com/id/1038230
http://www.securitytracker.com/id/1038231
http://www.securitytracker.com/id/1038237
http://www.securitytracker.com/id/1038238
http://www.securitytracker.com/id/1038239
http://www.securitytracker.com/id/1038240
http://www.securitytracker.com/id/1038245
https://blog.nviso.be/2017/04/12/analysis-of-a-cve-2017-0199-malicious-rtf-document/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-6629
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0042
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0058
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0156
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0158
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0166
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0168
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0180
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0182
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0184
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0185
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0186
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0188
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0191
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0192
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0199
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0211
https://twitter.com/Qab/status/842506404950917120
https://www.exploit-db.com/exploits/41879/
https://www.exploit-db.com/exploits/41894/
https://www.exploit-db.com/exploits/41902/
https://www.exploit-db.com/exploits/41934/
https://www.exploit-db.com/exploits/42995/
https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199_useda.html
https://www.mdsec.co.uk/2017/04/exploiting-cve-2017-0199-hta-handler-vulnerability/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0183
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0169