CVE-2018-8200

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8204.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
microsoftCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
VendorProductVersion
microsoftwindows_10
-
microsoftwindows_server_2016
-
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/105007
http://www.securitytracker.com/id/1041459
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200
http://www.securityfocus.com/bid/105007
http://www.securitytracker.com/id/1041459
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200