CVE-2018-8202

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka ".NET Framework Elevation of Privilege Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
microsoftCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
microsoft.net_framework
2.0:sp2
microsoft.net_framework
3.0:sp2
microsoft.net_framework
3.5
microsoft.net_framework
3.5.1
microsoft.net_framework
4.5.2
microsoft.net_framework
4.6
microsoft.net_framework
4.6.2
microsoft.net_framework
4.7
microsoft.net_framework
4.7.1
microsoft.net_framework
4.7.2
microsoft.net_framework
4.6
microsoft.net_framework
4.6.1
microsoft.net_framework
4.6.2
microsoft.net_framework
4.6
microsoft.net_framework
4.6.1
microsoft.net_framework
4.6.2
microsoft.net_framework
4.7
microsoft.net_framework
4.7.1
microsoft.net_framework
4.7.2
microsoft.net_framework
4.7.1
microsoft.net_framework
4.7.2
microsoft.net_framework
4.7.2
microsoft.net_framework
4.7
microsoft.net_framework
4.7.1
microsoft.net_framework
4.7.2
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/104665
http://www.securitytracker.com/id/1041257
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202
http://www.securityfocus.com/bid/104665
http://www.securitytracker.com/id/1041257
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202