Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to set variables that are either read-only or require authentication when Windows fails to enforce case sensitivity for certain variable checks, aka "Windows Security Feature Bypass Vulnerability".
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/98850 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1038671 | Third Party Advisory VDB Entry |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8493 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-06-15 01:29
Updated : 2024-02-04 19:29
NVD link : CVE-2017-8493
Mitre link : CVE-2017-8493
CVE.ORG link : CVE-2017-8493
JSON object : View
Products Affected
microsoft
- windows_server_2012
- windows_8.1
- windows_server_2016
- windows_10
- windows_rt_8.1
CWE
CWE-178
Improper Handling of Case Sensitivity