CVE-2018-8356

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 1.0, .NET Core 2.0, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
References
Configurations

Configuration 1

cpe:2.3:a:microsoft:powershell_core:6.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:powershell_core:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_core:2.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_core:1.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_core:1.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework_developer_pack:4.7.2:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:asp.net_core:1.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:asp.net_core:1.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:asp.net_core:2.0:*:*:*:*:*:*:*

Information

Published : 2018-07-11 12:29

Updated : 2022-05-23 05:29


NVD link : CVE-2018-8356

Mitre link : CVE-2018-8356

Products Affected
No products.
CWE
CWE-295

Improper Certificate Validation