Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2018-8360

Published: 15/08/2018 Updated: 23/05/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to .net Framework

Vulnerability Summary

An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an malicious user to access information in multi-tenant environments, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft .net_framework 2.0

microsoft .net_framework 3.0

microsoft .net_framework 3.5

microsoft .net_framework 3.5.1

microsoft .net_framework 4.5.2

microsoft .net_framework 4.6.2

microsoft .net_framework 4.7

microsoft .net_framework 4.7.1

microsoft .net_framework 4.7.2

microsoft .net_framework 4.6.1

microsoft .net_framework 4.6

Recent Articles

Patch Tuesday heats up with pair of exploited zero-days squashed – plus 58 other vulns fixed
The Register • Shaun Nichols in San Francisco • 14 Aug 2018

Summertiiiiiime, and the hacking is easy Oracle: Run, don't walk, to patch this critical Database takeover bug

Microsoft and Adobe have teamed up to deliver more than 70 patches with this month's Patch Tuesday batch released today. Microsoft contributed the bulk of the fixes emitted this month, kicking out updates for 60 CVE-listed vulnerabilities in its products. These should be installed as soon as you're able to test and deploy them. Among the highest priorities are a pair of zero-day bugs that are right now being exploited in the wild to compromise victims' Windows PCs. CVE-2018-8373, a remote code e...

Read more...

References

CWE-200https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8360http://www.securitytracker.com/id/1041462http://www.securityfocus.com/bid/104986https://nvd.nist.govhttps://www.theregister.co.uk/2018/08/14/august_bank_holiday/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook