PT-2018-9092 · Microsoft · Windows Server 2016+2

Published

2018-02-13

Updated

2019-10-03

CVE-2018-0828

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Windows 10 version 1607 Windows Server 2016

Description: The issue is related to how the MultiPoint management account password is stored, allowing an elevation of privilege. This could potentially enable attackers to affect the system.

Recommendations: For Windows 10 version 1607, update the system to address the issue. For Windows Server 2016, apply the necessary patch to resolve the elevation of privilege vulnerability.

Fix

LPE

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522

Related Identifiers

CVE-2018-0828

Affected Products

Windows

Windows 10

Windows Server 2016

PT-2018-9092 · Microsoft · Windows Server 2016+2

CVE-2018-0828

Weakness Enumeration

Related Identifiers

Affected Products

References · 7