Language:
Severity: High
ID: 109603
File Name: smb_nt_ms18_may_4103716.nasl
Version: 1.16
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 5/8/2018
Updated: 8/6/2024
Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Factor: Critical
Score: 9.7
Risk Factor: High
Base Score: 9.3
Temporal Score: 8.1
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2018-8136
Risk Factor: High
Base Score: 8.8
Temporal Score: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CVSS Score Source: CVE-2018-8126
CPE: cpe:/o:microsoft:windows, cpe:/a:microsoft:edge
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/8/2018
Vulnerability Publication Date: 5/8/2018
CISA Known Exploited Vulnerability Due Dates: 8/15/2022, 8/26/2024
CANVAS (CANVAS)
Core Impact
Metasploit (Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability)
CVE: CVE-2018-0765, CVE-2018-0824, CVE-2018-0854, CVE-2018-0943, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-0958, CVE-2018-0959, CVE-2018-1022, CVE-2018-1025, CVE-2018-1039, CVE-2018-8112, CVE-2018-8114, CVE-2018-8122, CVE-2018-8124, CVE-2018-8126, CVE-2018-8127, CVE-2018-8129, CVE-2018-8132, CVE-2018-8133, CVE-2018-8134, CVE-2018-8136, CVE-2018-8137, CVE-2018-8145, CVE-2018-8164, CVE-2018-8165, CVE-2018-8166, CVE-2018-8167, CVE-2018-8174, CVE-2018-8178, CVE-2018-8179, CVE-2018-8897
MSFT: MS18-4103716
MSKB: 4103716