Vulnerability Details : CVE-2018-0843
The Windows kernel in Windows 10 version 1709 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0809 and CVE-2018-0820.
Vulnerability category: Information leak
Products affected by CVE-2018-0843
- cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-0843
1.91%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-0843
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
1.9
|
LOW | AV:L/AC:M/Au:N/C:P/I:N/A:N |
3.4
|
2.9
|
NIST | |
|
4.7
|
MEDIUM | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.0
|
3.6
|
NIST |
CWE ids for CVE-2018-0843
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-0843
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0843
CVE-2018-0843 | Windows Kernel Information Disclosure VulnerabilityPatch;Vendor Advisory
-
http://www.securityfocus.com/bid/102951
Microsoft Windows Kernel CVE-2018-0843 Local Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1040373
Windows Kernel Multiple Flaws Let Local Users Obtain Potentially Sensitive Information and Gain Elevated Privileges on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
Jump to