← Back

CVE-2018-0751

nvd nist
Published: Jan 4, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.1
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Exploitability: 1.8 / Impact: 5.2
Source: NVD

Description

The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2018-0752.

Affected (11)

Microsoft
5 products
Windows 10
Windows 8.1
Windows Rt 8.1
Windows Server 2012
Windows Server 2016
Configuration A
11 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Windows 10
All versions
Windows 10
Version 1511
Windows 10
Version 1607
Windows 10
Version 1703
Windows 10
Version 1709
Windows 8.1
All versions
Windows Rt 8.1
All versions
Microsoft
Windows Server 2012
All versions
Windows Server 2012
Version r2
Microsoft
Windows Server 2016
All versions
Windows Server 2016
Version 1709

Related CWEs

CWE-269
Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (8)

Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: secure@microsoft.com
Vendor Advisory
Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.