CVE-2018-0823 - The Named Pipe File System in Windows 10 version 1709 and Windows Server, version 1709 allows an ele

CVE-2018-0823

Summary

The Named Pipe File System in Windows 10 version 1709 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Named Pipe File System handles objects, aka "Named Pipe File System Elevation of Privilege Vulnerability".

References

Vulnerable Configurations

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*

CVSS

Base:	4.4 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	102919
confirm	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0823
exploit-db	44148
sectrack	1040379

Last major update

03-10-2019 - 00:03

Published

15-02-2018 - 02:29

Last modified

03-10-2019 - 00:03