CVE-2017-0277

Published May 12, 2017

Last updated 5 years ago

Overview

Description
The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0272, CVE-2017-0278, and CVE-2017-0279.
Source
secure@microsoft.com
NVD status
Modified

Social media

Hype score
Not currently trending

Risk scores

CVSS 3.0

Type
Primary
Base score
7
Impact score
4.7
Exploitability score
2.2
Vector string
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Severity
HIGH

CVSS 2.0

Type
Primary
Base score
6.8
Impact score
6.4
Exploitability score
8.6
Vector string
AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo

Configurations