CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-8119

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.8%

CVSS Severity

CVSS v3 Score 5.6

CVSS v2 Score 6.8

References

http://www.securityfocus.com/bid/104070
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8119
https://tools.cisco.com/security/center/viewAlert.x?alertId=57754&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Azure%20IoT%20SDK%20AMQP%20Transport%20Library%20Spoofing%20Vulnerability&vs_k=1
http://www.securityfocus.com/bid/104070
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8119

Products affected by CVE-2018-8119

Microsoft » C Software Development Kit » Version: Any

cpe:2.3:a:microsoft:c_software_development_kit:*
Microsoft » Csharp Software Development Kit » Version: N/A

cpe:2.3:a:microsoft:csharp_software_development_kit:-
Microsoft » Java Software Development Kit » Version: N/A

cpe:2.3:a:microsoft:java_software_development_kit:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8119

Products

Pricing

Contact Us