CVE-2018-0828

MEDIUM

Description

Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka "Windows Elevation of Privilege Vulnerability".

References

http://www.securityfocus.com/bid/102935

http://www.securitytracker.com/id/1040373

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0828

Details

Source: MITRE

Published: 2018-02-15

Updated: 2018-03-14

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 4.6

Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P)

Impact Score: 6.4

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH