Lucene search

[email protected]CVE-2017-8574

HistoryJul 11, 2017 - 9:29 p.m.

CVE-2017-8574

2017-07-1121:29:01

CWE-281

[email protected]

web.nvd.nist.gov

cve-2017-8574

graphics

microsoft

windows 10

windows server 2016

elevation of privilege

vulnerability

nvd

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.6%

JSON

Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka “Microsoft Graphics Component Elevation of Privilege Vulnerability”. This CVE ID is unique from CVE-2017-8573 and CVE-2017-8556.

Affected configurations

Vulners

NVD

Node

microsoft_corporationmicrosoft_windows_10_1607\,_1703\,_and_windows_server_2016

CPENameOperatorVersion
microsoft:windows_10microsoft windows 10eq1607
microsoft:windows_10microsoft windows 10eq1703
microsoft:windows_server_2016microsoft windows server 2016eq*

CPE	Name	Operator	Version
microsoft:windows_10	microsoft windows 10	eq	1607
microsoft:windows_10	microsoft windows 10	eq	1703
microsoft:windows_server_2016	microsoft windows server 2016	eq	*

CNA Affected

[
  {
    "product": "Microsoft Windows 10 1607, 1703, and Windows Server 2016",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Graphics"
      }
    ]
  }
]