ID CVE-2018-0833
Summary The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests are handled, aka "SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability".
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
CVSS
Base: 6.3 (as of 13-03-2019 - 15:23)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:S/C:N/I:N/A:C
refmap via4
bid 102924
confirm https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0833
exploit-db 44189
misc https://github.com/KINGSABRI/CVE-in-Ruby/tree/master/CVE-2018-0833
sectrack 1040375
Last major update 13-03-2019 - 15:23
Published 15-02-2018 - 02:29
Last modified 13-03-2019 - 15:23
Back to Top