CVE-2014-4074

2014-09-1001:55:09

CWE-264

[email protected]

web.nvd.nist.gov

task scheduler

microsoft windows

cve-2014-4074

privilege escalation

6.5 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

29.2%

JSON

The Task Scheduler in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via an application that schedules a crafted task, aka “Task Scheduler Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_8Match-

microsoftwindows_8.1Match-

microsoftwindows_rtMatch-

microsoftwindows_rt_8.1Match-

microsoftwindows_server_2012Match-

microsoftwindows_server_2012Matchr2

CPENameOperatorVersion
microsoft:windows_8microsoft windows 8eq-
microsoft:windows_8.1microsoft windows 8.1eq-
microsoft:windows_rtmicrosoft windows rteq-
microsoft:windows_rt_8.1microsoft windows rt 8.1eq-
microsoft:windows_server_2012microsoft windows server 2012eq-
microsoft:windows_server_2012microsoft windows server 2012eqr2

CPE	Name	Operator	Version
microsoft:windows_8	microsoft windows 8	eq	-
microsoft:windows_8.1	microsoft windows 8.1	eq	-
microsoft:windows_rt	microsoft windows rt	eq	-
microsoft:windows_rt_8.1	microsoft windows rt 8.1	eq	-
microsoft:windows_server_2012	microsoft windows server 2012	eq	-
microsoft:windows_server_2012	microsoft windows server 2012	eq	r2