CVE-2019-0959
Published Jun 12, 2019
Last updated 4 years ago
Overview
- Description
- An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0984.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAACE735-003E-4ACB-A82E-C0CF97D7F013"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B921FDB-8E7D-427E-82BE-4432585080CF"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
}
],
"operator": "OR"
}
]
}
]