NVD - CVE-2017-0144 (original) (raw)

CVE Modified by CVE 11/20/2024 10:02:25 PM

Action Type Old Value New Value
Added Reference http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html
Added Reference http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html
Added Reference http://www.securityfocus.com/bid/96704
Added Reference http://www.securitytracker.com/id/1037991
Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf
Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf
Added Reference https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
Added Reference https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144
Added Reference https://www.exploit-db.com/exploits/41891/
Added Reference https://www.exploit-db.com/exploits/41987/
Added Reference https://www.exploit-db.com/exploits/42030/
Added Reference https://www.exploit-db.com/exploits/42031/

Modified Analysis by NIST 7/24/2024 12:03:46 PM

Action Type Old Value New Value
Added CVSS V3.1 NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Removed CVSS V3 NIST AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE NIST NVD-CWE-noinfo
Removed CWE NIST CWE-20
Changed CPE Configuration Record truncated, showing 500 of 844 characters. View Entire Change Record AND OR *cpe:2.3:a:microsoft:server_message_block:1.0:*:*:*:*:*:*:* OR cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2008:-:sp2: Record truncated, showing 500 of 850 characters. View Entire Change Record AND OR *cpe:2.3:a:microsoft:server_message_block:1.0:*:*:*:*:*:*:* OR cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_20
Added CPE Configuration AND OR *cpe:2.3:o:siemens:acuson_p300_firmware:13.02:*:*:*:*:*:*:* *cpe:2.3:o:siemens:acuson_p300_firmware:13.03:*:*:*:*:*:*:* *cpe:2.3:o:siemens:acuson_p300_firmware:13.20:*:*:*:*:*:*:* *cpe:2.3:o:siemens:acuson_p300_firmware:13.21:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:acuson_p300:-:*:*:*:*:*:*:*
Added CPE Configuration AND OR *cpe:2.3:o:siemens:acuson_p500_firmware:va10:*:*:*:*:*:*:* *cpe:2.3:o:siemens:acuson_p500_firmware:vb10:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:acuson_p500:-:*:*:*:*:*:*:*
Added CPE Configuration AND OR *cpe:2.3:o:siemens:acuson_sc2000_firmware:*:*:*:*:*:*:*:* versions from (including) 4.0 up to (excluding) 4.0e *cpe:2.3:o:siemens:acuson_sc2000_firmware:5.0a:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:acuson_sc2000:-:*:*:*:*:*:*:*
Added CPE Configuration AND OR *cpe:2.3:o:siemens:acuson_x700_firmware:1.0:*:*:*:*:*:*:* *cpe:2.3:o:siemens:acuson_x700_firmware:1.1:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:acuson_x700:-:*:*:*:*:*:*:*
Added CPE Configuration AND OR *cpe:2.3:o:siemens:syngo_sc2000_firmware:*:*:*:*:*:*:*:* versions from (including) 4.0 up to (excluding) 4.0e *cpe:2.3:o:siemens:syngo_sc2000_firmware:5.0a:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:syngo_sc2000:-:*:*:*:*:*:*:*
Added CPE Configuration AND OR *cpe:2.3:o:siemens:tissue_preparation_system_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:tissue_preparation_system:-:*:*:*:*:*:*:*
Added CPE Configuration AND OR *cpe:2.3:o:siemens:versant_kpcr_molecular_system_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:versant_kpcr_molecular_system:-:*:*:*:*:*:*:*
Added CPE Configuration AND OR *cpe:2.3:o:siemens:versant_kpcr_sample_prep_firmware:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:versant_kpcr_sample_prep:-:*:*:*:*:*:*:*
Changed Reference Type http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html No Types Assigned http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html Exploit, Third Party Advisory, VDB Entry
Changed Reference Type http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html No Types Assigned http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html Exploit, Third Party Advisory, VDB Entry
Changed Reference Type http://www.securityfocus.com/bid/96704 No Types Assigned http://www.securityfocus.com/bid/96704 Broken Link, Third Party Advisory, VDB Entry
Changed Reference Type http://www.securitytracker.com/id/1037991 No Types Assigned http://www.securitytracker.com/id/1037991 Broken Link, Third Party Advisory, VDB Entry
Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf Third Party Advisory
Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf Third Party Advisory
Changed Reference Type https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 No Types Assigned https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 Third Party Advisory, US Government Resource
Changed Reference Type https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144 Vendor Advisory https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144 Patch, Vendor Advisory
Changed Reference Type https://www.exploit-db.com/exploits/41891/ No Types Assigned https://www.exploit-db.com/exploits/41891/ Exploit, Third Party Advisory, VDB Entry
Changed Reference Type https://www.exploit-db.com/exploits/41987/ No Types Assigned https://www.exploit-db.com/exploits/41987/ Exploit, Third Party Advisory, VDB Entry
Changed Reference Type https://www.exploit-db.com/exploits/42030/ No Types Assigned https://www.exploit-db.com/exploits/42030/ Exploit, Third Party Advisory, VDB Entry
Changed Reference Type https://www.exploit-db.com/exploits/42031/ No Types Assigned https://www.exploit-db.com/exploits/42031/ Exploit, Third Party Advisory, VDB Entry

CVE Modified by Microsoft Corporation 5/14/2024 12:10:28 AM

Action Type Old Value New Value

CVE Modified by Microsoft Corporation 2/04/2020 12:15:11 PM

Action Type Old Value New Value
Added Reference http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html [No Types Assigned]

CVE Modified by Microsoft Corporation 10/01/2019 7:15:10 PM

Action Type Old Value New Value
Added Reference http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html [No Types Assigned]

CVE Modified by Microsoft Corporation 6/20/2018 9:29:00 PM

Action Type Old Value New Value
Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf [No Types Assigned]

CVE Modified by Microsoft Corporation 5/10/2018 9:29:00 PM

Action Type Old Value New Value
Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf [No Types Assigned]

CVE Modified by Microsoft Corporation 3/27/2018 9:29:04 PM

Action Type Old Value New Value
Added Reference https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 [No Types Assigned]

CVE Modified by Microsoft Corporation 8/15/2017 9:29:13 PM

Action Type Old Value New Value
Added Reference https://www.exploit-db.com/exploits/41891/ [No Types Assigned]
Added Reference https://www.exploit-db.com/exploits/41987/ [No Types Assigned]

CVE Modified by Microsoft Corporation 8/12/2017 9:29:15 PM

Action Type Old Value New Value
Added Reference https://www.exploit-db.com/exploits/42030/ [No Types Assigned]
Added Reference https://www.exploit-db.com/exploits/42031/ [No Types Assigned]

CVE Modified by Microsoft Corporation 7/17/2017 9🔞10 AM

Action Type Old Value New Value
Added Reference http://www.securitytracker.com/id/1037991 [No Types Assigned]

CVE Modified by Microsoft Corporation 3/17/2017 9:59:05 PM

Action Type Old Value New Value
Added Reference http://www.securityfocus.com/bid/96704 [No Types Assigned]

Initial Analysis by NIST 3/17/2017 3:36:16 PM

Action Type Old Value New Value
Added CVSS V3 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CVSS V2 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Added CWE CWE-20
Added CPE Configuration Record truncated, showing 500 of 844 characters. View Entire Change Record AND OR *cpe:2.3:a:microsoft:server_message_block:1.0:*:*:*:*:*:*:* OR cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2008:-:sp2:
Changed Reference Type https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144 No Types Assigned https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144 Vendor Advisory