{"containers": {"cna": {"affected": [{"product": "Windows Server 2012", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "(Server Core installation)"}]}, {"product": "Windows 10", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "32-bit Systems"}, {"status": "affected", "version": "x64-based Systems"}]}, {"product": "Windows 8.1", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "32-bit systems"}, {"status": "affected", "version": "x64-based systems"}]}, {"product": "Windows RT 8.1", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "Windows RT 8.1"}]}, {"product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "(Server Core installation)"}]}], "datePublic": "2018-09-12T00:00:00", "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability.\" This affects Windows Server 2012, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2."}], "problemTypes": [{"descriptions": [{"description": "Information Disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-13T09:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8444"}, {"name": "105226", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/105226"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2018-8444", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Windows Server 2012", "version": {"version_data": [{"version_value": "(Server Core installation)"}]}}, {"product_name": "Windows 10", "version": {"version_data": [{"version_value": "32-bit Systems"}, {"version_value": "x64-based Systems"}]}}, {"product_name": "Windows 8.1", "version": {"version_data": [{"version_value": "32-bit systems"}, {"version_value": "x64-based systems"}]}}, {"product_name": "Windows RT 8.1", "version": {"version_data": [{"version_value": "Windows RT 8.1"}]}}, {"product_name": "Windows Server 2012 R2", "version": {"version_data": [{"version_value": "(Server Core installation)"}]}}]}, "vendor_name": "Microsoft"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability.\" This affects Windows Server 2012, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Disclosure"}]}]}, "references": {"reference_data": [{"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8444", "refsource": "CONFIRM", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8444"}, {"name": "105226", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105226"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:54:36.651Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8444"}, {"name": "105226", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/105226"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2018-8444", "datePublished": "2018-09-13T00:00:00", "dateReserved": "2018-03-14T00:00:00", "dateUpdated": "2024-08-05T06:54:36.651Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability.\" This affects Windows Server 2012, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2."}, {"lang": "es", "value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en la forma en la que el servidor SMBv2 (Microsoft Server Message Block 2.0) gestiona determinadas peticiones. Esto tambi\u00e9n se conoce como \"Windows SMB Information Disclosure Vulnerability\". Esto afecta a Windows Server 2012, Windows 10, Windows 8.1, Windows RT 8.1 y Windows Server 2012 R2."}], "id": "CVE-2018-8444", "lastModified": "2024-11-21T04:13:50.517", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-13T00:29:04.833", "references": [{"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105226"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8444"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105226"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8444"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}