Vulnerability Name: CVE-2018-0952 (CCN-147742) Assigned: 2017-12-01 Published: 2018-08-14 Updated: 2019-10-03 Summary: An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers. CVSS v3 Severity: 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 7.0 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 7.0 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAthentication (Au): Single_InstanceImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-noinfo Vulnerability Consequences: Gain Privileges References: Source: MITRECVE-2018-0952 105048 Microsoft Windows Diagnostics Hub CVE-2018-0952 Local Privilege Escalation Vulnerability 1041466 ms-diagnostic-cve20180952-priv-esc(147742) Windows 10 Diagnostics Hub Standard Collector Service Privilege Escalation Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0952 CVE-2018-0952: Privilege Escalation Vulnerability in Windows Standard Collector Service Offensive Security Exploit Database [08-22-2018] 45244 Vulnerable Configuration: Configuration 1 :cpe:/a:microsoft:visual_studio_2015:-:update3:*:*:*:*:*:* OR cpe:/a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:* OR cpe:/a:microsoft:visual_studio_2017:15.8:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:-:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1607:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1703:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1709:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_10:1803:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_1709:-:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_1803:-:*:*:*:*:*:x64:* Configuration CCN 1 :cpe:/o:microsoft:windows_10:-:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:visual_studio:2015:update3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server:1709:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server:1803:*:*:*:*:*:*:* OR cpe:/a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:* OR cpe:/a:microsoft:visual_studio_2017:15.8:*:*:*:*:*:*:* BACK
microsoft visual studio 2015 - update3
microsoft visual studio 2017 -
microsoft visual studio 2017 15.8
microsoft windows 10 -
microsoft windows 10 1607
microsoft windows 10 1703
microsoft windows 10 1709
microsoft windows 10 1803
microsoft windows server 2016 -
microsoft windows server 2016 1709
microsoft windows server 2016 1803
microsoft windows 10 -
microsoft windows 10 -
microsoft windows server 2016
microsoft visual studio 2015 3
microsoft windows server 1709
microsoft windows server 1803
microsoft visual studio 2017
microsoft visual studio 2017 15.8
Denotes that component is vulnerable