An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system
To exploit this vulnerability, an attacker would need to run a specially crafted application against an RPC server which has Routing and Remote Access enabled. Routing and Remote Access is a non-default configuration; systems without it enabled are not vulnerable.
The security update addresses the vulnerability by correcting how the Routing and Remote Access service handles requests.
Metrics
Affected Vendors & Products
References
History
Mon, 18 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: microsoft
Published: 2020-08-17T19:13:01
Updated: 2024-11-18T17:26:18.963Z
Reserved: 2019-11-04T00:00:00
Link: CVE-2020-1383
Vulnrichment
Updated: 2024-08-04T06:32:00.946Z
NVD
Status : Modified
Published: 2020-08-17T19:15:14.617
Modified: 2024-11-21T05:10:22.973
Link: CVE-2020-1383
Redhat
No data.