How severe is CVE-2018-0886?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2018-0886?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2018-0886

HIGH Year: 2018

CVSS v3 Score

7.0

High

CVSS v2 Score

7.6

High

Weakness Type

CWE-287

View all →

Vulnerability Description

The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability".

CVE-2017-3765

HIGH

CVSS:7.0(High)

In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in...

CWE-2872017

CVE-2018-13435

HIGH

CVSS:7.0(High)

An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcode...

CWE-2872018

CVE-2018-13446

HIGH

CVSS:7.0(High)

An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value ...

CWE-2872018

CVE-2018-6686

HIGH

CVSS:7.0(High)

Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circu...

CWE-2872018

CVE-2018-6689

HIGH

CVSS:7.0(High)

Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection v...

CWE-2872018

CVE-2021-3784

HIGH

CVSS:7.0(High)

Garuda Linux performs an insecure user creation and authentication that allows any user to impersonate the created account. By creating users from the 'Garuda settings manager', an insecure procedure ...

CWE-2872021

CVE-2018-0886

Vulnerability Description

Related Vulnerabilities

CVE-2017-3765

CVE-2018-13435

CVE-2018-13446

CVE-2018-6686

CVE-2018-6689

CVE-2021-3784