CFS-2020-001: SMBv3 Security Vulnerabilities

Issue Date: 2020/03/12
Updated Date: 2020/03/12
Title: SMBv3 Security Vulnerabilities
Classification: No Impact
Status: Closed
Affected Products: All supported versions

Summary

Security Vulnerabilities related to Microsoft Server Message Block 3.0 (SMBv3)

Details

CVE-2020-0796 is a remote code execution vulnerability in Microsoft Server Message Block 3.0 (SMBv3). An attacker could exploit this bug by sending a specially crafted packet to the target SMBv3 server, which the victim needs to be connected to.

Customers who have configured on other applications may receive more help on this issue by visiting https://www.helpnetsecurity.com/2020/03/11/cve-2020-0796/ or https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 for more information.

Resolution

This issue does not impact Panzura CloudFS since the SAMBA is not affected and the Server Message Block 3.0 (SMBv3) Compression has not been implemented by Panzura.