Vulnerability Name:

CVE-2018-0976

Assigned:2017-12-01
Published:2018-04-10
Updated:2018-04-12
Summary:A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka "Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
4.8 Medium (CCN Temporal CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:4.9 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
References:Source: BID
Type: UNKNOWN
103651

Source: SECTRACK
Type: UNKNOWN
1040658

Source: XF
Type: UNKNOWN
ms-rdp-cve20180976-dos(140784)

Source: CONFIRM
Type: UNKNOWN
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0976

Vulnerable Configuration:
Configuration CCN 1:
  • cpe:/o:microsoft:windows_server:2008:sp2:x32:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server:2008:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_7:-:sp1:x32:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:sp1:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:sp1:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_8.1:-:-:-:*:-:-:x64:*
  • OR cpe:/o:microsoft:windows_server_2012:r2:-:-:*:datacenter:*:*:*
  • OR cpe:/o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_10:-:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_10:-:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    BACK
    microsoft windows server 2008 sp2
    microsoft windows server 2008 sp2
    microsoft windows server 2008 - sp2
    microsoft windows 7 - sp1
    microsoft windows 7 - sp1
    microsoft windows server 2008 r2 sp1
    microsoft windows server 2008 r2 sp1
    microsoft windows server 2012 -
    microsoft windows 8.1 - -
    microsoft windows server 2012 r2 -
    microsoft windows rt 8.1 -
    microsoft windows 10 -
    microsoft windows 10 -
    microsoft windows server 2016 -