CVE-2018-0843Sensitive Information Exposure in Corporation Windows

CWE-200Sensitive Information Exposure13 documents4 sources
Severity
7.8HIGHNVD
NVD7.0NVD4.7
EPSS
3.5%
top 12.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Microsoft Corporation WindowsMicrosoft Windows 10Microsoft Windows Server 2008+5 more
Timeline
PublishedFeb 15
Latest updateMay 14

Description

The Windows kernel in Windows 10 version 1709 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0809 and CVE-2018-0820.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.0 | Impact: 3.6

Affected Packages6 packages

NVDmicrosoft/windowsr2, 1709+1
NVDmicrosoft/windows_104 versions+3

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

5
GHSA
GHSA-fc7x-344x-cfj8: The Windows kernel in Windows 10 version 1709 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in me2022-05-14
GHSA
GHSA-wgfm-mwrc-rjpm: The Windows kernel in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privileg2022-05-13
GHSA
GHSA-xc49-q8vj-84mg: The Windows kernel in Windows 10, versions 1703 and 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the w2022-05-13
GHSA
GHSA-c8hv-wh6g-ccxc: The Windows kernel in Windows 7 SP1, Windows 82022-05-13
GHSA
GHSA-9jxx-j823-g3jw: The Windows kernel in Windows 7 SP1, Windows 82022-05-13

📋Vendor Advisories

1
Microsoft
Windows Kernel Information Disclosure Vulnerability2018-02-13

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - February 20182018-02-13
Talos
Microsoft Patch Tuesday - February 20182018-02-13
CVE-2018-0843 — Sensitive Information Exposure | cvebase