Microsoft Windows SMB Shares Unprivileged Access
Posted by Peter Bassill on 29/07/2019
This vulnerability will allow an attacker on a connected network to view any of the files contained within the file share. In some circumstances, it may be possible to add new files and modify existing files within the file share.
Adding New Files:
Supports internally based phishing attacks
Distributes malware or other malicious code within a network
Modifying Existing Files:
Performing an integrity-based attack on documents, common with financial records
Hiding activities where log files can be modified
Nessus ID: 42411
CVSS v2.0 Base Score: 7.5
The remote host has one or more Windows shares that can be accessed through the network with the given credentials. Depending on the share rights, it may allow an attacker to read/write confidential data.
How to fix
To restrict access under Windows, open Explorer, right-click each share, go to the 'Sharing' tab, and click 'Permissions'.
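
The same review can be scripted across every share on a host. The following PowerShell is an added example, not part of the original post: it lists non-administrative shares whose share permissions allow broad groups and marks the ones that are writable. The function name Get-BroadShareAccess and the share and group names in the remediation comments are assumptions for illustration.

```powershell
# Added example (not from the original post): audit share-level permissions.
# Assumes the SmbShare module (Windows 8 / Server 2012 or later) and an elevated prompt.

# Well-known SIDs of broad groups; matching on SID avoids localised account names.
$BroadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-7'      = 'Anonymous Logon'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-32-546' = 'BUILTIN\Guests'
}

function Get-BroadShareAccess {
    # -Special $false skips the administrative shares (C$, ADMIN$, IPC$).
    foreach ($share in Get-SmbShare -Special $false) {
        foreach ($ace in Get-SmbShareAccess -Name $share.Name) {
            if ("$($ace.AccessControlType)" -ne 'Allow') { continue }
            try {
                $acct = [System.Security.Principal.NTAccount]$ace.AccountName
                $sid  = $acct.Translate([System.Security.Principal.SecurityIdentifier]).Value
            } catch {
                continue   # orphaned or unresolvable account, nothing to match
            }
            # Domain Users is always <domain SID>-513.
            if ($BroadSids.ContainsKey($sid) -or $sid -match '^S-1-5-21-.+-513$') {
                [pscustomobject]@{
                    Share    = $share.Name
                    Path     = $share.Path
                    Account  = $ace.AccountName
                    Right    = "$($ace.AccessRight)"
                    Writable = "$($ace.AccessRight)" -in 'Change', 'Full'
                }
            }
        }
    }
}

# Writable shares first: these are the ones where files can be added or modified.
Get-BroadShareAccess | Sort-Object Writable -Descending | Format-Table -AutoSize

# Remediation for one finding. 'Finance' and 'CONTOSO\Finance-Staff' are placeholders.
# Revoke-SmbShareAccess -Name 'Finance' -AccountName 'Everyone' -Force
# Grant-SmbShareAccess  -Name 'Finance' -AccountName 'CONTOSO\Finance-Staff' -AccessRight Read -Force
```

Share permissions are evaluated together with the NTFS permissions on the underlying folder, and the more restrictive of the two applies, so review both when tightening access.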