CVE-2017-11782

high

Description

The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 and Windows Server 2016, allows an elevation of privilege vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB Elevation of Privilege Vulnerability".

References

http://www.securityfocus.com/bid/101143

http://www.securitytracker.com/id/1039528

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11782

Details

Source: MITRE

Published: 2017-10-13

Updated: 2019-10-03

Type: CWE-20

Risk Information

CVSS v2

Base Score: 4.6

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH