CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-0908

Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not properly sanitize a specially crafted attribute value being displayed to a user on an affected MIM 2016 server, aka "Microsoft Identity Manager XSS Elevation of Privilege Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.7%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://www.securityfocus.com/bid/103112
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0908
http://www.securityfocus.com/bid/103112
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0908

Products affected by CVE-2018-0908

Microsoft » Identity Manager » Version: 2016

cpe:2.3:a:microsoft:identity_manager:2016

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0908

Products

Pricing

Contact Us