Lucene search

K
cveMicrosoftCVE-2018-0830
HistoryFeb 15, 2018 - 2:29 a.m.

CVE-2018-0830

2018-02-1502:29:02
CWE-200
microsoft
web.nvd.nist.gov
98
windows
kernel
information disclosure
cve-2018-0830
security vulnerability
nvd

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

40.0%

The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka “Windows Information Disclosure Vulnerability”. This CVE is unique from CVE-2018-0829 and CVE-2018-0832.

Affected configurations

Nvd
Vulners
Node
microsoftwindows_10Match-
OR
microsoftwindows_10Match1511
OR
microsoftwindows_10Match1607
OR
microsoftwindows_10Match1703
OR
microsoftwindows_10Match1709
OR
microsoftwindows_7Match-sp1
OR
microsoftwindows_8.1
OR
microsoftwindows_rt_8.1Match-
OR
microsoftwindows_server_2008Match-sp2
OR
microsoftwindows_server_2008Matchr2sp1
OR
microsoftwindows_server_2012Match-
OR
microsoftwindows_server_2012Matchr2
OR
microsoftwindows_server_2016Match-
OR
microsoftwindows_server_2016Match1709
VendorProductVersionCPE
microsoftwindows_10-cpe:/o:microsoft:windows_10:-:::
microsoftwindows_server_2016-cpe:/o:microsoft:windows_server_2016:-:::
microsoftwindows_101607cpe:/o:microsoft:windows_10:1607:::
microsoftwindows_server_2012-cpe:/o:microsoft:windows_server_2012:-:::
microsoftwindows_server_2008-cpe:/o:microsoft:windows_server_2008:-:sp2::
microsoftwindows_server_2012r2cpe:/o:microsoft:windows_server_2012:r2:::
microsoftwindows_server_20161709cpe:/o:microsoft:windows_server_2016:1709:::
microsoftwindows_101709cpe:/o:microsoft:windows_10:1709:::
microsoftwindows_7-cpe:/o:microsoft:windows_7:-:sp1::
microsoftwindows_101703cpe:/o:microsoft:windows_10:1703:::
Rows per page:
1-10 of 141

CNA Affected

[
  {
    "product": "Windows",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"
      }
    ]
  }
]

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

40.0%