Vulnerability Details : CVE-2018-0810
The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0757.
Vulnerability category: Information leak
Products affected by CVE-2018-0810
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-0810
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 28 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-0810
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
1.9
|
LOW | AV:L/AC:M/Au:N/C:P/I:N/A:N |
3.4
|
2.9
|
NIST | |
4.7
|
MEDIUM | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.0
|
3.6
|
NIST |
CWE ids for CVE-2018-0810
-
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-0810
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0810
CVE-2018-0810 | Windows Kernel Information Disclosure VulnerabilityPatch;Vendor Advisory
-
http://www.securityfocus.com/bid/102938
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1040373
Windows Kernel Multiple Flaws Let Local Users Obtain Potentially Sensitive Information and Gain Elevated Privileges on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
Jump to