CVE-2018-0808

CVE Database · CVE-2018-0808

CVE-2018-0808

· N/AModified

CVSS v3.1

N/A

EPSS

7.84%

Published

Mar 14, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how ASP.NET web applications handle web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0784.

Affected Products (3)

microsoft · asp.net_corevulnerable

References (6)

http://www.securityfocus.com/bid/103226

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1040504

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0808

PatchVendor Advisory

http://www.securityfocus.com/bid/103226

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1040504

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0808

KEV Catalog EPSS Scores Vendors All CVEs