Microsoft Windows System Information Console CVE-2017-8557 Information Disclosure Vulnerability

description-logoDescription

An information disclosure vulnerability exists in the Microsoft Common Console Document (.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration.

affected-products-logoAffected Applications

Windows 10
Windows 7
Windows 8
Windows RT 8.1
Windows Server 2008
Windows Server 2012
Windows Server 2016

CVE References

CVE-2017-8557