Vulnerability Details CVE-2018-8256
A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.17
EPSS Ranking 94.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.3
References
- http://www.securityfocus.com/bid/105781
- http://www.securitytracker.com/id/1042108
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8256
- http://www.securityfocus.com/bid/105781
- http://www.securitytracker.com/id/1042108
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8256
Products affected by CVE-2018-8256
-
cpe:2.3:a:microsoft:microsoft.powershell.archive:1.2.2.0
-
cpe:2.3:a:microsoft:powershell_core:6.0
-
cpe:2.3:a:microsoft:powershell_core:6.1
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1703
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_10:1803
-
cpe:2.3:o:microsoft:windows_10:1809
-
cpe:2.3:o:microsoft:windows_7:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2016:1709
-
cpe:2.3:o:microsoft:windows_server_2016:1803
-
cpe:2.3:o:microsoft:windows_server_2019:-