Vulnerability Details : CVE-2018-8335
A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.
Vulnerability category: Denial of service
Products affected by CVE-2018-8335
- cpe:2.3:o:microsoft:windows_server:2012:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012:r2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:1803:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:1709:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:rt:*:*:*
- cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-8335
0.46%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 76 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-8335
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
References for CVE-2018-8335
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8335
CVE-2018-8335 | Windows SMB Denial of Service VulnerabilityPatch;Vendor Advisory
-
http://www.securitytracker.com/id/1041634
Windows Server Message Block Lets Remote Authenticated Users Cause the Target Service to Stop Accepting Requests - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/105224
Microsoft Windows SMB Server CVE-2018-8335 Denial of Service VulnerabilityThird Party Advisory;VDB Entry
Jump to