Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2018-8452
HistorySep 13, 2018 - 12:29 a.m.

CVE-2018-8452

2018-09-1300:29:05
CWE-200
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.7%

JSON

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka “Scripting Engine Information Disclosure Vulnerability.” This affects ChakraCore, Internet Explorer 11, Microsoft Edge.

Affected configurations

NVD
Node
microsoftinternet_explorerMatch11
AND
microsoftwindows_10Match-
OR
microsoftwindows_10Match1607
OR
microsoftwindows_10Match1703
OR
microsoftwindows_10Match1709
OR
microsoftwindows_10Match1803
OR
microsoftwindows_7sp1
OR
microsoftwindows_8.1
OR
microsoftwindows_rt_8.1
OR
microsoftwindows_server_2008Matchr2sp1
OR
microsoftwindows_server_2012Matchr2
OR
microsoftwindows_server_2016Match-
Node
microsoftchakracoreMatch-
Node
microsoftedgeMatch-
AND
microsoftwindows_10
OR
microsoftwindows_10Match1607
OR
microsoftwindows_10Match1703
OR
microsoftwindows_10Match1709
OR
microsoftwindows_10Match1803
OR
microsoftwindows_server_2016Match-

Related

symantec 1
cve 1
github 1
osv 1
cvelist 1
mscve 1
veracode 1
prion 1
nessus 8
openvas 8
mskb 8
kaspersky 1
talosblog 1
symantec
symantec
Microsoft Internet Explorer and Edge CVE-2018-8452 Information Disclosure Vulnerability
2018-09-11 00:00:00
cve
cve
CVE-2018-8452
2018-09-13 00:29:05
github
github
ChakraCore information disclosure vulnerability
2022-05-13 01:53:42
osv
osv
ChakraCore information disclosure vulnerability
2022-05-13 01:53:42
cvelist
cvelist
CVE-2018-8452
2018-09-13 00:00:00
mscve
mscve
Scripting Engine Information Disclosure Vulnerability
2018-09-11 07:00:00
veracode
veracode
Information Disclosure
2018-09-14 02:53:45
prion
prion
Information disclosure
2018-09-13 00:29:00
nessus
nessus
Security Updates for Internet Explorer (September 2018)
2018-09-11 00:00:00
KB4457145: Windows 7 and Windows Server 2008 R2 September 2018 Security Update
2018-09-11 00:00:00
KB4457143: Windows 8.1 and Windows Server 2012 R2 September 2018 Security Update
2018-09-11 00:00:00
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (KB4457426)
2018-09-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4457144)
2018-09-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4457129)
2018-09-12 00:00:00
mskb
mskb
Cumulative security update for Internet Explorer: September 11, 2018
2018-09-11 07:00:00
September 11, 2018—KB4457144 (Monthly Rollup)
2018-09-11 07:00:00
September 11, 2018—KB4457129 (Monthly Rollup)
2018-09-11 07:00:00
kaspersky
kaspersky
KLA11318 Multiple vulnerabilities in Microsoft Browsers
2018-09-11 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - September 2018
2018-09-11 11:56:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.7%

JSON
Related for NVD:CVE-2018-8452
symantec1cve1github1osv1cvelist1mscve1veracode1prion1nessus8openvas8mskb8kaspersky1talosblog1