{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T20:01:44.386","vulnerabilities":[{"cve":{"id":"CVE-2019-0998","sourceIdentifier":"secure@microsoft.com","published":"2019-06-12T14:29:02.447","lastModified":"2025-05-20T18:15:34.493","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.\nTo exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application.\nThe security update addresses the vulnerability by correcting how the Storage Services handles file operations."},{"lang":"es","value":"Existe una vulnerabilidad de elevaciĆ³n de privilegios cuando el Servicio de Almacenamiento maneja de manera inapropiada las operaciones de archivo, tambiĆ©n se conoce como 'Windows Storage Service Elevation of Privilege Vulnerability'. Este ID de CVE es diferente de CVE-2019-0983."}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*","matchCriteriaId":"83B14968-3985-43C3-ACE5-8307196EFAE3"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*","matchCriteriaId":"7CB85C75-4D35-480E-843D-60579EC75FCB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*","matchCriteriaId":"6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*","matchCriteriaId":"3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*","matchCriteriaId":"CAACE735-003E-4ACB-A82E-C0CF97D7F013"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*","matchCriteriaId":"5B921FDB-8E7D-427E-82BE-4432585080CF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79EE26-FC32-417D-A49C-A1A63165A968"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0998","source":"secure@microsoft.com"},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0998","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}