{ "id": "CVE-2020-16897", "sourceIdentifier": "secure@microsoft.com", "published": "2020-10-16T23:15:13.507", "lastModified": "2020-10-22T14:00:14.277", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory, aka 'NetBT Information Disclosure Vulnerability'." }, { "lang": "es", "value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n cuando NetBIOS a trav\u00e9s de TCP (NBT) Extensions (NetBT) manejan inapropiadamente objetos en memoria, tambi\u00e9n se conoce como \"NetBT Information Disclosure Vulnerability\"" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.8, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1 }, "baseSeverity": "LOW", "exploitabilityScore": 3.9, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "matchCriteriaId": "3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "matchCriteriaId": "E9273B95-20ED-4547-B0A8-95AD15B30372" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "matchCriteriaId": "AAE74AF3-C559-4645-A6C0-25C3D647AAC8" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:x64:*", "matchCriteriaId": "85A7C1C6-7390-4B26-8FED-F067EC3DF1A0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:x86:*", "matchCriteriaId": "2E91BCB5-D0F7-4D53-BC85-D114C2D87A9C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:x64:*", "matchCriteriaId": "9D654D3A-6A99-4904-8B37-E52E80F7C85A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:x86:*", "matchCriteriaId": "01A6D6B4-B97F-4C8C-AD09-11454F0A39CE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:-:*:x64:*", "matchCriteriaId": "710261F6-84AA-41E0-8D21-227CC2E556CF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:-:*:x86:*", "matchCriteriaId": "62E01D64-DEAB-4858-9B39-B747728C3DA7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:-:*:-:*", "matchCriteriaId": "44A1A867-3DAC-4C42-A091-E07B6672EE6F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "matchCriteriaId": "5B921FDB-8E7D-427E-82BE-4432585080CF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "matchCriteriaId": "C253A63F-03AB-41CB-A03A-B2674DEA98AA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "matchCriteriaId": "0B60D940-80C7-49F0-8F4E-3F99AC15FA82" }, { "vulnerable": true, "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" } ] } ] } ], "references": [ { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16897", "source": "secure@microsoft.com", "tags": [ "Patch", "Vendor Advisory" ] } ] }