CVE-2018-8356
Published: Jul 11, 2018
Modified: Aug 5, 2024
Description
A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 1.0, .NET Core 2.0, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
| Vendor | Product | Versions |
|---|---|---|
Microsoft | Microsoft .NET Framework | affected 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2affected 3.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2affected 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2affected 3.5 on Windows 10 for 32-bit Systemsaffected 3.5 on Windows 10 for x64-based Systems+58 more versions |
Microsoft | .NET Core | affected 1.0affected 1.1affected 2.0 |
Microsoft | ASP.NET Core | affected 1.0affected 1.1affected 2.0 |
Microsoft | .NET Framework | affected 4.7.2 Developer Pack |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now