Vulnerability Name: | CVE-2016-3345 (CCN-116435) | ||||||||||||
Assigned: | 2016-09-13 | ||||||||||||
Published: | 2016-09-13 | ||||||||||||
Updated: | 2018-10-12 | ||||||||||||
Summary: | The SMBv1 server in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Authenticated Remote Code Execution Vulnerability." | ||||||||||||
CVSS v3 Severity: | 8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) 7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
7.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 9.0 High (CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
| ||||||||||||
Vulnerability Type: | CWE-284 | ||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2016-3345 Source: CCN Type: Microsoft Security Bulletin MS16-114 Security Update for Windows SMBv1 Server (3185879) Source: CCN Type: Microsoft Security Bulletin MS17-010 Security Update for Windows SMB Server (4013389) Source: BID Type: UNKNOWN 92859 Source: CCN Type: BID-92859 Microsoft Windows SMB Server CVE-2016-3345 Remote Code Execution Vulnerability Source: SECTRACK Type: UNKNOWN 1036803 Source: MS Type: UNKNOWN MS16-114 Source: XF Type: UNKNOWN ms-smb-cve20163345-code-exec(116435) | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||
BACK |