HTTP: Windows Common Log File System Driver CVE-2018-8167 Elevation of Privilege
This signature detects attempts to exploit a known vulnerability against Windows Common Log File System Driver. A successful attack could run processes in an elevated context.
Extended Description
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
Affected Products
Microsoft windows_server_2016
References
CVE: CVE-2018-8167
Short Name
HTTP:STC:DL:CVE-2018-8167EOP
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2018-8167 Common Driver Elevation File Log Privilege System Windows of
Release Date
05/08/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Microsoft
CVSS Score
4.4