CVE-2018-8476

Sažetak

A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10 Servers.

Reference

http://www.securityfocus.com/bid/105774
http://www.securitytracker.com/id/1042109
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8476
https://research.checkpoint.com/2019/pxe-dust-finding-a-vulnerability-in-windows-servers-deployment-services/

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

13-02-2020 - 19:15

Objavljeno

14-11-2018 - 01:29