Vulnerability Description
An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Visual Studio 2015 | - |
| Microsoft | Visual Studio 2017 | - |
| Microsoft | Windows 10 | - |
| Microsoft | Windows Server 2016 | - |
References
- http://www.securityfocus.com/bid/105048Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041466Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0952PatchVendor Advisory
- https://www.exploit-db.com/exploits/45244/ExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/105048Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041466Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0952PatchVendor Advisory
- https://www.exploit-db.com/exploits/45244/ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2018-0952?
CVE-2018-0952 is a vulnerability with a CVSS score of 7.8 (HIGH). An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulner...
How severe is CVE-2018-0952?
CVE-2018-0952 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-0952?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Visual Studio 2015, Microsoft Visual Studio 2017, Microsoft Windows 10, Microsoft Windows Server 2016.