VYPR
Medium severity5.5NVD Advisory· Published Jul 11, 2018· Updated Jun 17, 2026

CVE-2018-8356

CVE-2018-8356

Description

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 1.0, .NET Core 2.0, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
System.Private.ServiceModelNuGet
>= 4.0.0, < 4.1.34.1.3
System.Private.ServiceModelNuGet
>= 4.3.0, < 4.3.34.3.3
System.Private.ServiceModelNuGet
>= 4.4.0, < 4.4.44.4.4
System.Private.ServiceModelNuGet
>= 4.5.0, < 4.5.34.5.3
System.ServiceModel.DuplexNuGet
>= 4.3.0, < 4.3.34.3.3
System.ServiceModel.DuplexNuGet
>= 4.4.0, < 4.4.44.4.4
System.ServiceModel.DuplexNuGet
>= 4.5.0, < 4.5.34.5.3
System.ServiceModel.DuplexNuGet
>= 4.0.0, < 4.0.44.0.4
System.ServiceModel.HttpNuGet
>= 4.3.0, < 4.3.34.3.3
System.ServiceModel.HttpNuGet
>= 4.4.0, < 4.4.44.4.4
System.ServiceModel.HttpNuGet
>= 4.5.0, < 4.5.34.5.3
System.ServiceModel.HttpNuGet
>= 4.0.0, < 4.1.34.1.3
System.ServiceModel.NetTcpNuGet
>= 4.3.0, < 4.3.34.3.3
System.ServiceModel.NetTcpNuGet
>= 4.4.0, < 4.4.44.4.4
System.ServiceModel.NetTcpNuGet
>= 4.5.0, < 4.5.34.5.3
System.ServiceModel.NetTcpNuGet
>= 4.0.0, < 4.1.34.1.3
System.ServiceModel.PrimitivesNuGet
>= 4.3.0, < 4.3.34.3.3
System.ServiceModel.PrimitivesNuGet
>= 4.4.0, < 4.4.44.4.4
System.ServiceModel.PrimitivesNuGet
>= 4.5.0, < 4.5.34.5.3
System.ServiceModel.PrimitivesNuGet
>= 4.0.0, < 4.1.34.1.3
System.ServiceModel.SecurityNuGet
>= 4.3.0, < 4.3.34.3.3
System.ServiceModel.SecurityNuGet
>= 4.4.0, < 4.4.44.4.4
System.ServiceModel.SecurityNuGet
>= 4.5.0, < 4.5.34.5.3
System.ServiceModel.SecurityNuGet
>= 4.0.0, < 4.0.44.0.4

Affected products

10

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.