An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
http://www.securityfocus.com/bid/106408
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0543
Source: MITRE
Published: 2019-01-08
Updated: 2020-08-24
Type: CWE-287
Base Score: 4.6
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 3.9
Severity: MEDIUM
Base Score: 7.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.8
Severity: HIGH
OR
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
121020 | KB4480978: Windows 10 Version 1709 and Windows Server Version 1709 January 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
121019 | KB4480972: Windows Server 2012 January 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
121018 | KB4480973: Windows 10 Version 1703 January 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
121017 | KB4480960: Windows 7 and Windows Server 2008 R2 January 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
121016 | KB4480957: Windows Server 2008 January 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
121015 | KB4480966: Windows 10 Version 1803 and Windows Server Version 1803 January 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
121014 | KB4480964: Windows 8.1 and Windows Server 2012 R2 January 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
121013 | KB4480962: Windows 10 January 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
121012 | KB4480961: Windows 10 Version 1607 and Windows Server 2016 January 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |
121011 | KB4480116: Windows 10 Version 1809 and Windows Server 2019 January 2019 Security Update | Nessus | Windows : Microsoft Bulletins | high |