CVE-2018-0822

MEDIUM

Description

NTFS in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way NTFS handles objects, aka "Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability".

References

http://www.securityfocus.com/bid/102942

http://www.securitytracker.com/id/1040378

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0822

https://www.exploit-db.com/exploits/44147/

Details

Source: MITRE

Published: 2018-02-15

Updated: 2019-10-03

Risk Information

CVSS v2.0

Base Score: 4.4

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.4

Severity: MEDIUM

CVSS v3.0

Base Score: 7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1

Severity: HIGH