KLA11358 Multiple vulnerabilities in Microsoft Development Tools

🗓️ 13 Nov 2018 00:00:00Reported by Kaspersky LabType

kaspersky🔗 threats.kaspersky.com👁 358 Views

Multiple vulnerabilities in Microsoft Development Tools. Remote code execution in PowerShell, .NET Core, and TFS. Tampering vulnerability in PowerShell and .NET Core. Cross-site scripting in TFS

Reporter	Title	Published	Views	Family All 108
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in microsoft.netcore.app affect IBM Robotic Process Automation.	7 Oct 202422:27	–	ibm
ATTACKERKB	CVE-2018-8602	14 Nov 201801:29	–	attackerkb
ATTACKERKB	CVE-2018-8415	14 Nov 201801:29	–	attackerkb
ATTACKERKB	CVE-2018-8416	14 Nov 201801:29	–	attackerkb
ATTACKERKB	CVE-2018-8529	15 Nov 201819:29	–	attackerkb
Circl	CVE-2018-8256	14 Nov 201817:39	–	circl
Circl	CVE-2018-8415	14 Nov 201817:39	–	circl
Circl	CVE-2018-8416	14 Nov 201817:39	–	circl
CNVD	Microsoft Team Foundation Server Cross-Site Scripting Vulnerability	15 Nov 201800:00	–	cnvd
CNVD	Microsoft Team Foundation Server Code Execution Vulnerability	15 Nov 201800:00	–	cnvd

Source	Link
portal	www.portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8256
portal	www.portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8416
portal	www.portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8415
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-8529
portal	www.portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8602
threats	www.threats.kaspersky.com/en/product/Microsoft-Windows/
threats	www.threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats	www.threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats	www.threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats	www.threats.kaspersky.com/en/product/Microsoft-Windows-7/

22 Jan 2024 00:00Current

8.7High risk

Vulners AI Score8.7

CVSS 39.8

CVSS 29.3

EPSS0.30253