Lucene search

[email protected]CVE-2018-0809

HistoryFeb 15, 2018 - 2:29 a.m.

CVE-2018-0809

2018-02-1502:29:01

[email protected]

web.nvd.nist.gov

windows

kernel

elevation of privilege

vulnerability

cve-2018-0809

windows 10

windows server

nvd

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.9%

JSON

The Windows kernel in Windows 10, versions 1703 and 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka “Windows Elevation of Privilege Vulnerability”. This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0820 and CVE-2018-0843.

Affected configurations

Vulners

NVD

Node

microsoft_corporationwindows

CPENameOperatorVersion
microsoft:windows_10microsoft windows 10eq1703
microsoft:windows_10microsoft windows 10eq1709
microsoft:windows_server_2016microsoft windows server 2016eq1709

CPE	Name	Operator	Version
microsoft:windows_10	microsoft windows 10	eq	1703
microsoft:windows_10	microsoft windows 10	eq	1709
microsoft:windows_server_2016	microsoft windows server 2016	eq	1709

CNA Affected

[
  {
    "product": "Windows",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Windows 10, versions 1703 and 1709, and Windows Server, version 1709"
      }
    ]
  }
]