CVE-2021-27079 : Windows Media Photo Codec Information Disclosure Vulnerability

Windows Media Photo Codec Information Disclosure Vulnerability

Published 2021-04-13 20:15:16

Updated 2023-12-29 20:15:59

View at NVD, CVE.org

Vulnerability category: Information leak

Exploit prediction scoring system (EPSS) score for CVE-2021-27079

Probability of exploitation activity in the next 30 days: 0.97%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 83 % EPSS Score History EPSS FAQ

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.3	MEDIUM	AV:N/AC:M/Au:S/C:C/I:N/A:N	6.8	6.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: Complete Integrity Impact: None Availability Impact: None
5.7	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N	2.1	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: None Availability: None
5.7	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N	2.1	3.6	Microsoft Corporation
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: None Availability: None

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27079

CVE-2021-27079 - Security Update Guide - Microsoft - Windows Media Photo Codec Information Disclosure Vulnerability
Patch;Vendor Advisory

Microsoft » Windows 10 » Version: N/A
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 1607
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 1803
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 1809
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 1909
cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 20h2
cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 2004
cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2016 » Version: N/A
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2016 » Version: 1909
cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2016 » Version: 20h2
cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2016 » Version: 2004
cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2019 » Version: N/A
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
Matching versions