var-201611-0235
Vulnerability from variot
Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability.". According to Microsoft security bulletins, this vulnerability VHD Driver Elevation of Privilege Vulnerability ”. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through a specially crafted application. Microsoft Windows is a series of operating systems released by Microsoft Corporation of the United States. A local attacker can exploit this issue to run processes with elevated privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0235",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1511"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for x64-based systems"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems (server core install )"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "10"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "101511"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "101607"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "windows server for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20160"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "BID",
"id": "94016"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7225"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "James Forshaw of Google Project Zero",
"sources": [
{
"db": "BID",
"id": "94016"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
],
"trust": 0.9
},
"cve": "CVE-2016-7225",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-7225",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-11026",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-7225",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-7225",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-11026",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-172",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka \"VHD Driver Elevation of Privilege Vulnerability.\". According to Microsoft security bulletins, this vulnerability VHD Driver Elevation of Privilege Vulnerability \u201d. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through a specially crafted application. Microsoft Windows is a series of operating systems released by Microsoft Corporation of the United States. \nA local attacker can exploit this issue to run processes with elevated privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "BID",
"id": "94016"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-7225",
"trust": 3.3
},
{
"db": "BID",
"id": "94016",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "40764",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1037248",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-11026",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "35363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "BID",
"id": "94016"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"id": "VAR-201611-0235",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
}
]
},
"last_update_date": "2023-12-18T12:20:14.339000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS16-138",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-138.aspx"
},
{
"title": "MS16-138",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-138.aspx"
},
{
"title": "Patch for Microsoft VHD Driver Privilege Escalation Vulnerability (CNVD-2016-11026)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/83743"
},
{
"title": "Microsoft Windows VHD Fixes for driver privilege elevation vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65544"
},
{
"title": "Microsoft Windows VHD Fixes for driver privilege elevation vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65396"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/94016"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1037248"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-138"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/40764/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7225"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20161109-ms.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160046.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7225"
},
{
"trust": 0.6,
"url": "https://technet.microsoft.com/library/security/ms16-138"
},
{
"trust": 0.6,
"url": "http://technet.microsoft.com/security/bulletin/ms16-138"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/35363"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windows/default.mspx"
},
{
"trust": 0.3,
"url": "http://technet.microsoft.com/en-us/security/bulletin/ms16-138"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "BID",
"id": "94016"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "BID",
"id": "94016"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"date": "2016-11-08T00:00:00",
"db": "BID",
"id": "94016"
},
{
"date": "2016-11-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"date": "2016-11-10T06:59:38.063000",
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"date": "2016-11-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"date": "2016-11-24T01:08:00",
"db": "BID",
"id": "94016"
},
{
"date": "2016-11-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"date": "2018-10-12T22:14:16.890000",
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"date": "2016-11-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "94016"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Windows 10 and Windows Server 2016 Privilege Escalation Vulnerability in Virtual Hard Disk Driver",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
],
"trust": 0.6
}
}
Loading...