CVE-2017-8622 - Windows Subsystem for Linux in Windows 10 1703 allows an elevation of privilege vulnerability when i

CVE-2017-8622

Summary

Windows Subsystem for Linux in Windows 10 1703 allows an elevation of privilege vulnerability when it fails to properly handle handles NT pipes, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability".

References

http://www.securityfocus.com/bid/100040
http://www.securitytracker.com/id/1039103
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8622

Vulnerable Configurations

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	100040
confirm	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8622
sectrack	1039103

Last major update

03-10-2019 - 00:03

Published

08-08-2017 - 21:29

Last modified

03-10-2019 - 00:03