Unrated severityNVD Advisory· Published Nov 14, 2018· Updated Aug 5, 2024

CVE-2018-8415

Description

A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft PowerShell Tampering Vulnerability." This affects Windows 7, PowerShell Core 6.1, Windows Server 2012 R2, Windows RT 8.1, PowerShell Core 6.0, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Affected products

Microsoft/PowerShell Corellm-fuzzy
Range: <=6.1
Microsoft/Powershellllm-fuzzy2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: 6.0
Microsoft/Windows 10cpe-rescue
Range: 32-bit Systems
Microsoft/Windows Servercpe-rescue
Range: version 1709 (Server Core Installation)
Microsoft/Windows 7cpe-rescue
Range: 32-bit Systems Service Pack 1
Microsoft/Windows 8.1cpe-rescue
Range: 32-bit systems
Microsoft/Windows Rt 8.1cpe-rescue
Range: Windows RT 8.1
Microsoft/Windows Server 2008cpe-rescue
Range: x64-based Systems Service Pack 1
Microsoft/Windows Server 2012cpe-rescue2 versions
(Server Core installation)+ 1 more
- (no CPE)range: (Server Core installation)
- (no CPE)range: (Server Core installation)
Microsoft/Windows Server 2016cpe-rescue
Range: (Server Core installation)
Microsoft/Windows Server 2019cpe-rescue
Range: (Server Core installation)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/105792mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1042108mitrevdb-entryx_refsource_SECTRACK
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8415mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000