Vulnerability Details CVE-2018-8284
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.53
EPSS Ranking 97.8%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 9.3
References
- http://www.securityfocus.com/bid/104667
- http://www.securitytracker.com/id/1041257
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284
- http://www.securityfocus.com/bid/104667
- http://www.securitytracker.com/id/1041257
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284
Products affected by CVE-2018-8284
-
cpe:2.3:a:microsoft:.net_framework:2.0
-
cpe:2.3:a:microsoft:.net_framework:3.0
-
cpe:2.3:a:microsoft:.net_framework:3.5
-
cpe:2.3:a:microsoft:.net_framework:3.5.1
-
cpe:2.3:a:microsoft:.net_framework:4.5.2
-
cpe:2.3:a:microsoft:.net_framework:4.6
-
cpe:2.3:a:microsoft:.net_framework:4.6.1
-
cpe:2.3:a:microsoft:.net_framework:4.6.2
-
cpe:2.3:a:microsoft:.net_framework:4.7
-
cpe:2.3:a:microsoft:.net_framework:4.7.1
-
cpe:2.3:a:microsoft:.net_framework:4.7.2
-
cpe:2.3:a:microsoft:project_server:2010
-
cpe:2.3:a:microsoft:project_server:2013
-
cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013
-
cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016
-
cpe:2.3:a:microsoft:sharepoint_foundation:2010
-
cpe:2.3:a:microsoft:sharepoint_foundation:2013
-
cpe:2.3:a:microsoft:sharepoint_server:2010
-
cpe:2.3:a:microsoft:sharepoint_server:2013
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1703
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_10:1803
-
cpe:2.3:o:microsoft:windows_7:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20520
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_server:1709
-
cpe:2.3:o:microsoft:windows_server:1803
-
cpe:2.3:o:microsoft:windows_server_2008:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24116
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24768
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24919
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24975
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25031
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25073
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4467
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4530
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4583
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4886
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4946
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5066
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5125
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5192
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5246
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5291
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5356
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5427
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5501
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5582
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5648
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5717
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5850
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6351
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6452
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6614
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6796
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6897
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6981
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7070
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7159
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7259
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7336
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7428
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7515
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7606
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7876
-
cpe:2.3:o:microsoft:windows_server_2016:1709
-
cpe:2.3:o:microsoft:windows_server_2016:1803
-
cpe:2.3:o:microsoft:windows_server_2016:1903
-
cpe:2.3:o:microsoft:windows_server_2016:1909
-
cpe:2.3:o:microsoft:windows_server_2016:2004
-
cpe:2.3:o:microsoft:windows_server_2016:20h2