Microsoft Windows SMB Information Disclosure Vulnerability

By GIXnews


A vulnerability in the Server Message Block (SMB) component of Microsoft Windows could allow an unauthenticated, remote attacker to access sensitive information on a targeted system.

The vulnerability exists because the affected software improperly processes SMB requests. An attacker could exploit this vulnerability by sending a packet that submits malicious input to the affected software. A successful exploit could allow the attacker to access sensitive information, which could be used to launch additional attacks.

Microsoft confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2019-0704

Source:: Cisco Multivendor Vulnerability Alerts