[Forgot Password]
Login  Register Subscribe

25354

 
 

132804

 
 

134339

 
 

909

 
 

108885

 
 

152

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2017-8493Date: (C)2017-06-16   (M)2019-11-25


Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to set variables that are either read-only or require authentication when Windows fails to enforce case sensitivity for certain variable checks, aka "Windows Security Feature Bypass Vulnerability".

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 5.5CVSS Score : 2.1
Exploit Score: 1.8Exploit Score: 3.9
Impact Score: 3.6Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: NONE
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: NONEAvailability: NONE
Integrity: HIGH 
Availability: NONE 
  
Reference:
SECTRACK-1038671
BID-98850
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8493

CPE    5
cpe:/o:microsoft:windows_rt_8.1:-
cpe:/o:microsoft:windows_10:1511
cpe:/o:microsoft:windows_10:1703
cpe:/o:microsoft:windows_server_2016:-
...
CWE    1
CWE-178
OVAL    7
oval:org.secpod.oval:def:40933
oval:org.secpod.oval:def:40934
oval:org.secpod.oval:def:40939
oval:org.secpod.oval:def:40938
...

© SecPod Technologies