[Forgot Password]
Login  Register Subscribe

26408

 
 

132812

 
 

151495

 
 

909

 
 

120991

 
 

163

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2017-8493Date: (C)2017-06-16   (M)2020-08-17


Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to set variables that are either read-only or require authentication when Windows fails to enforce case sensitivity for certain variable checks, aka "Windows Security Feature Bypass Vulnerability".

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 5.5CVSS Score : 2.1
Exploit Score: 1.8Exploit Score: 3.9
Impact Score: 3.6Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: NONE
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: NONEAvailability: NONE
Integrity: HIGH 
Availability: NONE 
  
Reference:
SECTRACK-1038671
BID-98850
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8493

CPE    5
cpe:/o:microsoft:windows_rt_8.1:-
cpe:/o:microsoft:windows_server_2016:-
cpe:/o:microsoft:windows_10:1511
cpe:/o:microsoft:windows_10:1607
...
CWE    1
CWE-178
OVAL    7
oval:org.secpod.oval:def:40937
oval:org.secpod.oval:def:41105
oval:org.secpod.oval:def:40933
oval:org.secpod.oval:def:40934
...

© SecPod Technologies