{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T04:52:38.250","vulnerabilities":[{"cve":{"id":"CVE-2018-8414","sourceIdentifier":"secure@microsoft.com","published":"2018-08-15T17:29:10.393","lastModified":"2025-10-28T14:13:32.483","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka \"Windows Shell Remote Code Execution Vulnerability.\" This affects Windows 10 Servers, Windows 10."},{"lang":"es","value":"Existe una vulnerabilidad de ejecución remota de código cuando Windows Shell no valida incorrectamente las rutas de archivo. Esto también se conoce como \"Windows Shell Remote Code Execution Vulnerability\". Esto afecta a Windows 10 Servers y Windows 10."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"cisaExploitAdd":"2022-03-25","cisaActionDue":"2022-04-15","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"Microsoft Windows Shell Remote Code Execution Vulnerability","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:x64:*","matchCriteriaId":"B98DB3FF-CC3B-4E9F-A9CC-EC4C89AF3B31"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:x86:*","matchCriteriaId":"8733BF37-7BF2-409D-9452-DA8A92DA1124"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x64:*","matchCriteriaId":"469F95D3-ABBB-4F1A-A000-BE0F6BD60FF6"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x86:*","matchCriteriaId":"D76003FB-EE99-4D8E-B6A0-B13C2041E5A0"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x64:*","matchCriteriaId":"D82F8AF7-ED01-4649-849E-F248F0E02384"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x86:*","matchCriteriaId":"C1CFB53B-B17B-47BD-BAC1-C6C5D168FFB6"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_1709:-:*:*:*:*:*:x64:*","matchCriteriaId":"9EFB4440-2B6B-486F-94D4-7D9C80301E51"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:x64:*","matchCriteriaId":"FD3218D1-BE39-4CEB-A88F-E715B722862B"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/105016","source":"secure@microsoft.com","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041458","source":"secure@microsoft.com","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/105016","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041458","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-8414","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}