cve-2019-1168
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:06
Summary
Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1803 Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
Microsoft Windows Server, version 1803 (Server Core Installation) Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*
Microsoft Windows 10 Version 1809 Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
Microsoft Windows Server 2019 Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
Microsoft Windows Server 2019 (Server Core installation) Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
Microsoft Windows 10 Version 1709 for 32-bit Systems Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
Microsoft Windows 10 Version 1709 Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
Microsoft Windows 10 Version 1903 for 32-bit Systems Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
Microsoft Windows 10 Version 1903 for x64-based Systems Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
Microsoft Windows 10 Version 1903 for ARM64-based Systems Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
Microsoft Windows Server, version 1903 (Server Core installation) Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*
Microsoft Windows 10 Version 1507 Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
Microsoft Windows 10 Version 1607 Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
Microsoft Windows Server 2016 Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
Microsoft Windows Server 2016 (Server Core installation) Version: 10.0.0   < publication
    cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
Microsoft Windows 7 Version: 6.1.0   < publication
    cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*
Microsoft Windows 7 Service Pack 1 Version: 6.1.0   < publication
    cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*
Microsoft Windows 8.1 Version: 6.3.0   < publication
    cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
Microsoft Windows Server 2008 Service Pack 2 Version: 6.0.0   < publication
    cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*
Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Version: 6.0.0   < publication
    cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*
Microsoft Windows Server 2008 Service Pack 2 Version: 6.0.0   < publication
    cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*
Microsoft Windows Server 2008 R2 Systems Service Pack 1 Version: 6.1.0   < publication
    cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:itanium:*
Microsoft Windows Server 2008 R2 Service Pack 1 Version: 6.1.0   < publication
    cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*
Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Version: 6.0.0   < publication
    cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*
Microsoft Windows Server 2012 Version: 6.2.0   < publication
    cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
Microsoft Windows Server 2012 (Server Core installation) Version: 6.2.0   < publication
    cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
Microsoft Windows Server 2012 R2 Version: 6.3.0   < publication
    cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
Microsoft Windows Server 2012 R2 (Server Core installation) Version: 6.3.0   < publication
    cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:06:31.777Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1168"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1703",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1803",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server, version 1803  (Server Core Installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 1709 for 32-bit Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1709",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Windows 10 Version 1903 for 32-bit Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Windows 10 Version 1903 for x64-based Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Windows 10 Version 1903 for ARM64-based Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server, version 1903 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1507",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x86:*"
          ],
          "platforms": [
            "32-bit Systems"
          ],
          "product": "Windows 7",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows 7 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:itanium:*"
          ],
          "platforms": [
            "32-bit Systems",
            "IA64-based Systems"
          ],
          "product": "Windows Server 2008 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008  Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:itanium:*"
          ],
          "platforms": [
            "IA64-based Systems"
          ],
          "product": "Windows Server 2008 R2 Systems Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 R2 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-08-13T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.\nTo exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.\nThe update addresses this vulnerability by correcting how the p2pimsvc service handles processes these requests.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of Privilege",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T16:50:55.470Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1168"
        }
      ],
      "title": "Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2019-1168",
    "datePublished": "2019-08-14T20:55:03",
    "dateReserved": "2018-11-26T00:00:00",
    "dateUpdated": "2024-08-04T18:06:31.777Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-1168\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2019-08-14T21:15:15.860\",\"lastModified\":\"2024-11-21T04:36:09.790\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.\\nTo exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.\\nThe update addresses this vulnerability by correcting how the p2pimsvc service handles processes these requests.\\n\"},{\"lang\":\"es\",\"value\":\"Existe una elevaci\u00f3n de privilegios en el servicio p2pimsvc donde un atacante que explot\u00f3 con \u00e9xito la vulnerabilidad podr\u00eda ejecutar c\u00f3digo arbitrario con privilegios elevados. Para explotar esta vulnerabilidad, un atacante primero tendr\u00eda que iniciar sesi\u00f3n en el sistema, tambi\u00e9n se conoce como \\\"Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability\\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21540673-614A-4D40-8BD7-3F07723803B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEE2E768-0F45-46E1-B6D7-087917109D98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83B14968-3985-43C3-ACE5-8307196EFAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CB85C75-4D35-480E-843D-60579EC75FCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B8F3DD2-A145-4AF1-8545-CC42892DA3D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2B1C231-DE19-4B8F-A4AA-5B3A65276E46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E93068DB-549B-45AB-8E5C-00EB5D8B5CF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6CE5198-C498-4672-AF4C-77AB4BE06C5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F422A8C-2C4E-42C8-B420-E0728037E15C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*\",\"matchCriteriaId\":\"B320A104-9037-487E-BC9A-62B4A6B49FD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\",\"matchCriteriaId\":\"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB18C4CE-5917-401E-ACF7-2747084FD36E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAACE735-003E-4ACB-A82E-C0CF97D7F013\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B921FDB-8E7D-427E-82BE-4432585080CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB79EE26-FC32-417D-A49C-A1A63165A968\"}]}]}],\"references\":[{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1168\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1168\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.