CVE-2018-8360
Description
An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka .NET Framework Information Disclosure Vulnerability. This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
8.488
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4343887) - Delta | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4343887) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4343887) - Delta | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows Server 2016 for x64-based Systems (KB4343887) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows Server 2016 for x64-based Systems (KB4343887) - Delta | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4343887) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1507 for x64-based Systems (KB4343892) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1507 for x86-based Systems (KB4343892) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4343909) - Delta | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB4343909) - Delta | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4343909) - Delta | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4343909) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4343909) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB4343909) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows Server 2016 (1709) for x64-based Systems (KB4343897) - Delta | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1709 for x64-based Systems (KB4343897) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1709 for x86-based Systems (KB4343897) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1709 for x86-based Systems (KB4343897) - Delta | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows Server 2016 (1709) for x64-based Systems (KB4343897) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1709 for x64-based Systems (KB4343897) - Delta | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4343885) - Delta | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4343885) - Delta | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4343885) - Cumulative | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4343885) - Cumulative | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 (KB 4344147) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 (KB4344147) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB4344151) x86 based systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB4344151) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB4344176) x86 based systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB4344176) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.5.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB4344171) x86 based systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.5.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB4344171) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4344145) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB4344145) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.5.2 for Windows Server 2012 (KB 4344148) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.5.2 for Windows Server 2012 (KB 4344172) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB4344166) x86 based systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB4344166) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 SP2 (KB 4344146) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB4344167) x86 based systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 SP2 (KB 4344146) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB4344167) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB4344152) x86 based systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB4344152) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 3.5.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4344177) x86 based systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 3.5.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4344177) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 3.5 for Windows Server 2012 (KB 4344150) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 3.5 for Windows Server 2012 (KB 4344175) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4344165) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4344144) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 SP2 (KB 4344149) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 SP2 (KB 4344149) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 (KB4344173) x86 based systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 (KB4344173) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 3.5 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB4344178) x86 based systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 3.5 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB4344178) x64 bases systems | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 3.5 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4344153) | Windows |
| .NET Framework Elevation of Privilege Vulnerability for .NET Framework 3.5 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB4344153) x64 bases systems | Windows |
| Microsoft COM for Windows Remote Code Execution Vulnerability for Windows 10 Version 1709 for x64-based Systems (KB4343897) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-25017 | 2018-08 Delta Update for Windows 10 Version 1607 for x64-based Systems (KB4343887) |
| PATCH-25018 | 2018-08 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4343887) |
| PATCH-25019 | 2018-08 Delta Update for Windows 10 Version 1607 for x86-based Systems (KB4343887) |
| PATCH-25020 | 2018-08 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4343887) |
| PATCH-25021 | 2018-08 Delta Update for Windows Server 2016 for x64-based Systems (KB4343887) |
| PATCH-25022 | 2018-08 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4343887) |
| PATCH-25023 | 2018-08 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB4343892) |
| PATCH-25024 | 2018-08 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB4343892) |
| PATCH-25035 | 2018-08 Delta Update for Windows Server 2016 (1803) for x64-based Systems (KB4343909) |
| PATCH-25036 | 2018-08 Delta Update for Windows 10 Version 1803 for x86-based Systems (KB4343909) |
| PATCH-25037 | 2018-08 Delta Update for Windows 10 Version 1803 for x64-based Systems (KB4343909) |
| PATCH-25038 | 2018-08 Cumulative Update for Windows Server 2016 (1803) for x64-based Systems (KB4343909) |
| PATCH-25039 | 2018-08 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4343909) |
| PATCH-25040 | 2018-08 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4343909) |
| PATCH-25029 | 2018-08 Delta Update for Windows Server 2016 (1709) for x64-based Systems (KB4343897) |
| PATCH-25030 | 2018-08 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4343897) |
| PATCH-25031 | 2018-08 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4343897) |
| PATCH-25032 | 2018-08 Delta Update for Windows 10 Version 1709 for x86-based Systems (KB4343897) |
| PATCH-25033 | 2018-08 Cumulative Update for Windows Server 2016 (1709) for x64-based Systems (KB4343897) |
| PATCH-25034 | 2018-08 Delta Update for Windows 10 Version 1709 for x64-based Systems (KB4343897) |
| PATCH-25122 | KB4345592 Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 (KB 4344147) |
| PATCH-25112 | KB4345593 Description of the Security and Quality Rollup for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB 4344151) |
| PATCH-25114 | KB4345593 Description of the Security and Quality Rollup for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB 4344151) |
| PATCH-25120 | Description of the Security Only update for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB 4344176) |
| PATCH-25124 | KB4345682-Description of the Security Only update for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 SP2 (KB 4344176) |
| PATCH-25099 | KB4345681-Description of the Security Only update for .NET Framework 4.5.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4344171) |
| PATCH-25104 | KB4345681-Description of the Security Only update for .NET Framework 4.5.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4344171) |
| PATCH-25123 | KB4345592 Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4344145) |
| PATCH-25127 | KB4345591 Description of the Security and Quality Rollup for .NET Framework 4.5.2 for Windows Server 2012 (KB 4344148) |
| PATCH-25129 | KB4345680-Description of the Security Only update for .NET Framework 4.5.2 for Windows Server 2012 (KB 4344172) |
| PATCH-25097 | KB4345681-Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4344166) |
| PATCH-25102 | KB4345681-Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4344166) |
| PATCH-25107 | Kb4345679-Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB 4344167) |
| PATCH-25113 | KB4345679-Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB 4344167) |
| PATCH-25103 | KB4345590 Description of the Security and Quality Rollup for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB 4344152) |
| PATCH-25110 | KB4345590 Description of the Security and Quality Rollup for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB 4344152) |
| PATCH-25111 | KB4345679-Description of the Security Only update for .NET Framework 3.5.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4344177) |
| PATCH-25117 | KB4345679-Description of the Security Only update for .NET Framework 3.5.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4344177) |
| PATCH-25126 | KB4345591 Description of the Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 (KB 4344150) |
| PATCH-25130 | KB4345680-Description of the Security Only update for .NET Framework 3.5 for Windows Server 2012 (KB 4344175) |
| PATCH-25125 | KB4345680-Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4344165) |
| PATCH-25128 | KB4345591 Description of the Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4344144) |
| PATCH-25109 | Kb4345679-Description of the Security Only update for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 (KB 4344173) |
| PATCH-25115 | Kb4345679-Description of the Security Only update for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 (KB 4344173) |
| PATCH-25101 | KB4345681-Description of the Security Only update for .NET Framework 3.5 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4344178) |
| PATCH-25105 | KB4345681-Description of the Security Only update for .NET Framework 3.5 for Windows 8.1, RT 8.1 and Server 2012 R2 (KB 4344178) |
| PATCH-25121 | KB4345592 Description of the Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4344153) |
| PATCH-25162 | 2018-08 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4343897) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234