CVE-2018-8202

4 documents4 sources

Severity

7.8HIGH

EPSS

0.3%

top 43.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Microsoft .net Framework Microsoft .net Framework

Timeline

PublishedJul 11

Latest updateMay 13

Description

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka ".NET Framework Elevation of Privilege Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Fram…

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDmicrosoft/.net_framework11 versions+10

▶CVEListV5microsoft/microsoft_.net_framework70 versions+69

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-mq83-qmfp-2j72: An elevation of privilege vulnerability exists in↗2022-05-13

▶

CVEList

CVE-2018-8202: An elevation of privilege vulnerability exists in↗2018-07-11

▶

📋Vendor Advisories

Microsoft

.NET Framework Elevation of Privilege Vulnerability↗2018-07-10

▶