Vulnerability Description
An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka ".NET Framework Elevation of Privilege Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | .Net Framework | 2.0 |
| Microsoft | Windows Server 2008 | - |
| Microsoft | Windows 10 | - |
| Microsoft | Windows 8.1 | All versions |
| Microsoft | Windows Server 2012 | All versions |
| Microsoft | Windows Server 2016 | All versions |
| Microsoft | Windows 7 | - |
| Microsoft | Windows Rt 8.1 | - |
| Microsoft | Windows Server | 1709 |
References
- http://www.securityfocus.com/bid/104665Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041257Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202PatchVendor Advisory
- http://www.securityfocus.com/bid/104665Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041257Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202PatchVendor Advisory
FAQ
What is CVE-2018-8202?
CVE-2018-8202 is a vulnerability with a CVSS score of 7.8 (HIGH). An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka ".NET Framework Elevation of Privilege Vulnerability." This affects...
How severe is CVE-2018-8202?
CVE-2018-8202 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-8202?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft .Net Framework, Microsoft Windows Server 2008, Microsoft Windows 10, Microsoft Windows 8.1, Microsoft Windows Server 2012.