SMB: Microsoft Windows SMBv1 CVE-2017-11815 Information Disclosure

An information disclosure vulnerability has been reported in the SMB Server component of Microsoft Windows. A remote, authenticated attacker could exploit the vulnerability by sending a crafted request to a target SMB server. Successful exploitation could result in the disclosure of information which may be used to facilitate further attacks.

Extended Description

The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".

Affected Products

Microsoft windows_server_2016

References

BugTraq: 101136

CVE: CVE-2017-11815

Short Name
SMB:INFO:MS-CVE-2017-11815-ID
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
SMB
Keywords
CVE-2017-11815 Disclosure Information Microsoft SMBv1 Windows bid:101136
Release Date
11/21/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Microsoft

CVSS Score

3.5

Found a potential security threat?