CVE-2017-8544

Published Jun 15, 2017

Last updated 7 years ago

Overview

Description: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to obtain information to further compromise the user's system when Windows Search fails to handle objects in memory, aka "Windows Search Information Disclosure Vulnerability".
Source: secure@microsoft.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 3.0

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEE2E768-0F45-46E1-B6D7-087917109D98"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7519928D-0FF2-4584-8058-4C7764CD5671"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "197E82CB-81AF-40F1-A55C-7B596891A783"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF6437F9-6631-49D3-A6C2-62329E278E31"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Configurations

References