CVE-2018-8306

{"id": "CVE-2018-8306", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.2, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 5.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.1}]}, "published": "2018-07-11T00:29:01.913", "references": [{"url": "http://www.securityfocus.com/bid/104621", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id/1041269", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306", "tags": ["Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/bid/104621", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1041269", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software."}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en Microsoft Wireless Display Adapter (MWDA) cuando Microsoft Wireless Display Adapter no gestiona correctamente las entradas de usuario. Esto tambi\u00e9n se conoce como \"Microsoft Wireless Display Adapter Command Injection Vulnerability\". Esto afecta a Microsoft Wireless Display Adapter V2 Software."}], "lastModified": "2024-11-21T04:13:35.353", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8350:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1893F79A-CAFA-48DB-8620-F7C96FC571DA"}, {"criteria": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8365:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23641D96-2EE3-4F11-97F4-6F33A6F25DE4"}, {"criteria": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8372:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCABA19F-D04E-4CAF-B222-0B732B408278"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:microsoft:wireless_display_adapter:2:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "10A41CCA-EC1A-4FE7-BE92-7F81362355E9"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "secure@microsoft.com"}