CVE-2018-0964 - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails

CVE-2018-0964

Summary

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0957.

References

Vulnerable Configurations

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*

CVSS

Base:	1.9 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:L/AC:M/Au:N/C:P/I:N/A:N

refmap via4

bid	103646
confirm	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0964
sectrack	1040662

Last major update

24-08-2020 - 17:37

Published

12-04-2018 - 01:29

Last modified

24-08-2020 - 17:37