CVE-2018-8175 — WEBDAV Denial of Service Vulnerability
Executive Summary
A denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory. An attacker who successfully exploited the vulnerability could cause a denial of service. To exploit the vulnerability, an attacker could host a specially crafted website and then convince a user to browse to it, which would cause the victim's system to stop responding. However, an attacker could not force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's WEBDAV directory. The security update addresses the vulnerability by correcting how Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory.
Overview
CVSS Vector
EPSS Score
No EPSS score available for this CVE.
View on FIRST.orgAffected Products
| Product | KB Article | Severity | Impact | Restart Required |
|---|---|---|---|---|
| Windows 10 Version 1709 for 32-bit Systems | 4284819 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1709 for x64-based Systems | 4284819 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1803 for 32-bit Systems | 4284835 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows 10 Version 1803 for x64-based Systems | 4284835 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows Server, version 1709 (Server Core Installation) | 4284819 (Security Update) |
Important | Remote Code Execution | Yes |
| Windows Server, version 1803 (Server Core Installation) | 4284835 (Security Update) |
Important | Remote Code Execution | Yes |
Patches
| Article | Type | Restart |
|---|---|---|
4284819 |
Security Update | Yes |
4284835 |
Security Update | Yes |