MEDIUM
An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory, aka '.NET Framework Information Disclosure Vulnerability'.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16937
Source: MITRE
Published: 2020-10-16
Updated: 2020-10-21
Type: CWE-200
Base Score: 4.3
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 8.6
Severity: MEDIUM
Base Score: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 1.8
Severity: MEDIUM
AND
OR
OR
AND
OR
OR
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
AND
OR
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
OR
AND
OR
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
OR
AND
OR
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
OR
AND
OR
OR
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
AND
OR
OR
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*
AND
OR
OR
AND
OR
OR
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
AND
OR
OR
AND
OR
cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
OR
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
AND
OR
OR
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 141503 | Security Updates for Microsoft .NET Framework (October 2020) | Nessus | Windows : Microsoft Bulletins | medium |
| 141434 | KB4580346: Windows 10 Version 1607 and Windows Server 2016 October 2020 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 141433 | KB4577668: Windows 10 Version 1809 and Windows Server 2019 October 2020 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 141432 | KB4580385: Windows Server 2008 October 2020 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 141431 | KB4580387: Windows 7 and Windows Server 2008 R2 October 2020 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 141427 | KB4577671: Windows 10 Version 1903 and Windows 10 Version 1909 October 2020 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 141426 | KB4580353: Windows Server 2012 October 2020 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 141424 | KB4580327: Windows 10 October 2020 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 141423 | KB4579311: Windows 10 Version 2004 October 2020 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 141422 | KB4580330: Windows 10 Version 1803 October 2020 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 141420 | KB4580328: Windows 10 Version 1709 October 2020 Security Update | Nessus | Windows : Microsoft Bulletins | high |
| 141416 | KB4580358: Windows 8.1 and Windows Server 2012 R2 October 2020 Security Update | Nessus | Windows : Microsoft Bulletins | high |