VDB
CISA-2017-0147
CISA-2017-0147
PUBLISHED
CVSS 7.5 HIGH
Reported by microsoft · Published March 17, 2017
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability."
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft Corporation | Windows SMB | The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 |
| Microsoft Corporation | Windows SMB | The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016, * |
Timeline
- Mar 17, 2017 CVE Published
- Oct 21, 2025 CVE Updated
References
- 41891 exploitx_refsource_EXPLOIT-DB
- 1037991 vdb-entryx_refsource_SECTRACK
- 96709 vdb-entryx_refsource_BID
- x_refsource_CONFIRM
- x_refsource_MISC
- 41987 exploitx_refsource_EXPLOIT-DB
- x_refsource_CONFIRM
- 43970 exploitx_refsource_EXPLOIT-DB
- x_refsource_CONFIRM
- x_refsource_MISC
- x_refsource_MISC
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-0147 url