CVE-2018-8337 - A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles c

CVE-2018-8337

Summary

A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles case sensitivity, aka "Windows Subsystem for Linux Security Feature Bypass Vulnerability." This affects Windows 10, Windows 10 Servers.

References

http://www.securityfocus.com/bid/105250
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8337

Vulnerable Configurations

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

CWE-178

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	105250
confirm	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8337

Last major update

03-10-2019 - 00:03

Published

13-09-2018 - 00:29

Last modified

03-10-2019 - 00:03