7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.927 High
EPSS
Percentile
99.0%
A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka âWindows Shell Remote Code Execution Vulnerability.â This affects Windows Server 2016, Windows 10, Windows 10 Servers.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | windows_server_2016 | (Server Core installation) | cpe:2.3:o:microsoft:windows_server_2016:(Server Core installation):*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1607 for 32-bit Systems | cpe:2.3:o:microsoft:windows_10:Version 1607 for 32-bit Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1607 for x64-based Systems | cpe:2.3:o:microsoft:windows_10:Version 1607 for x64-based Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1703 for 32-bit Systems | cpe:2.3:o:microsoft:windows_10:Version 1703 for 32-bit Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1703 for x64-based Systems | cpe:2.3:o:microsoft:windows_10:Version 1703 for x64-based Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1709 for 32-bit Systems | cpe:2.3:o:microsoft:windows_10:Version 1709 for 32-bit Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1709 for x64-based Systems | cpe:2.3:o:microsoft:windows_10:Version 1709 for x64-based Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1803 for 32-bit Systems | cpe:2.3:o:microsoft:windows_10:Version 1803 for 32-bit Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1803 for x64-based Systems | cpe:2.3:o:microsoft:windows_10:Version 1803 for x64-based Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | * | cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:* |
More
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.927 High
EPSS
Percentile
99.0%