CVE-2017-8493

Опубликовано: 15 июн. 2017

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to set variables that are either read-only or require authentication when Windows fails to enforce case sensitivity for certain variable checks, aka "Windows Security Feature Bypass Vulnerability".

Ссылки

http://www.securityfocus.com/bid/98850
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038671
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8493
Patch
Vendor Advisory
http://www.securityfocus.com/bid/98850
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038671
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8493
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00531

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-178

Связанные уязвимости

CVE-2017-8493

CVSS3: 5.6

msrc

около 8 лет назад

Windows Security Feature Bypass Vulnerability

GHSA-2rf7-87hx-xw66