CVE-2020-0728

An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
microsoftCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
VendorProductVersion
microsoftwindows_server_2016
-
microsoftwindows_server_2019
-
𝑥
= Vulnerable software versions
References
http://packetstormsecurity.com/files/156394/Microsoft-Windows-Modules-Installer-Service-Information-Disclosure.html
http://seclists.org/fulldisclosure/2020/Feb/16
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0728
https://seclists.org/bugtraq/2020/Feb/21
http://packetstormsecurity.com/files/156394/Microsoft-Windows-Modules-Installer-Service-Information-Disclosure.html
http://seclists.org/fulldisclosure/2020/Feb/16
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0728
https://seclists.org/bugtraq/2020/Feb/21