CVE-2020-16996 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
microsoft	CNA	6.5 MEDIUM				CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 92%

Affected Products (NVD)

Vendor	Product	Version
microsoft	windows_server_2012	-
microsoft	windows_server_2016	-
microsoft	windows_server_2019	-

𝑥

= Vulnerable software versions

Windows Releases

Platform

Version

Windows Server

1903 Server Core	KB4592449
1909 Server Core	KB5000808
2004 Server Core	KB5000802
20H2 Server Core	KB5000802

Windows Server 2012

Server Core	KB5000847
Standard	KB5000847

Windows Server 2012 R2

Server Core	KB5000853
Standard	KB5000853

Windows Server 2016

Server Core	KB5000803
Standard	KB5000803

Windows Server 2019

Server Core	KB5000822
Standard	KB5000822

Ubuntu Releases

Ubuntu Product

Codename

krb5

bionic	not-affected
focal	not-affected
groovy	not-affected
trusty	not-affected
xenial	not-affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-16996

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16996