cvelistv5 - cve-2018-8306

CVE-2018-8306 (GCVE-0-2018-8306)

Vulnerability from cvelistv5 – Published: 2018-07-11 00:00 – Updated: 2024-08-05 06:54

Summary

Severity ?

No CVSS data available.

CWE

Remote Code Execution

Assigner

microsoft

References

URL

Tags

	http://www.securitytracker.com/id/1041269	vdb-entryx_refsource_SECTRACK
	https://portal.msrc.microsoft.com/en-US/security-…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/104621	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	Microsoft	Microsoft Wireless Display Adapter V2 Software	Affected: Version 2.0.8350 Affected: Version 2.0.8365 Affected: Version 2.0.8372

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:54:36.355Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1041269",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041269"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306"
          },
          {
            "name": "104621",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104621"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft Wireless Display Adapter V2 Software",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "Version 2.0.8350"
            },
            {
              "status": "affected",
              "version": "Version 2.0.8365"
            },
            {
              "status": "affected",
              "version": "Version 2.0.8372"
            }
          ]
        }
      ],
      "datePublic": "2018-07-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-11T09:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "1041269",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041269"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306"
        },
        {
          "name": "104621",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104621"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2018-8306",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Microsoft Wireless Display Adapter V2 Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Version 2.0.8350"
                          },
                          {
                            "version_value": "Version 2.0.8365"
                          },
                          {
                            "version_value": "Version 2.0.8372"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Microsoft"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1041269",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041269"
            },
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306",
              "refsource": "CONFIRM",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306"
            },
            {
              "name": "104621",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104621"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2018-8306",
    "datePublished": "2018-07-11T00:00:00",
    "dateReserved": "2018-03-14T00:00:00",
    "dateUpdated": "2024-08-05T06:54:36.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8350:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1893F79A-CAFA-48DB-8620-F7C96FC571DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8365:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"23641D96-2EE3-4F11-97F4-6F33A6F25DE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8372:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCABA19F-D04E-4CAF-B222-0B732B408278\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:microsoft:wireless_display_adapter:2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10A41CCA-EC1A-4FE7-BE92-7F81362355E9\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \\\"Microsoft Wireless Display Adapter Command Injection Vulnerability.\\\" This affects Microsoft Wireless Display Adapter V2 Software.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de inyecci\\u00f3n de comandos en Microsoft Wireless Display Adapter (MWDA) cuando Microsoft Wireless Display Adapter no gestiona correctamente las entradas de usuario. Esto tambi\\u00e9n se conoce como \\\"Microsoft Wireless Display Adapter Command Injection Vulnerability\\\". Esto afecta a Microsoft Wireless Display Adapter V2 Software.\"}]",
      "id": "CVE-2018-8306",
      "lastModified": "2024-11-21T04:13:35.353",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 3.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:A/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 5.2, \"accessVector\": \"ADJACENT_NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 5.1, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-07-11T00:29:01.913",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/104621\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1041269\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/104621\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1041269\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-77\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-8306\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2018-07-11T00:29:01.913\",\"lastModified\":\"2024-11-21T04:13:35.353\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \\\"Microsoft Wireless Display Adapter Command Injection Vulnerability.\\\" This affects Microsoft Wireless Display Adapter V2 Software.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de inyecci\u00f3n de comandos en Microsoft Wireless Display Adapter (MWDA) cuando Microsoft Wireless Display Adapter no gestiona correctamente las entradas de usuario. Esto tambi\u00e9n se conoce como \\\"Microsoft Wireless Display Adapter Command Injection Vulnerability\\\". Esto afecta a Microsoft Wireless Display Adapter V2 Software.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.1,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":5.2,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":5.1,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8350:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1893F79A-CAFA-48DB-8620-F7C96FC571DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8365:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23641D96-2EE3-4F11-97F4-6F33A6F25DE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8372:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCABA19F-D04E-4CAF-B222-0B732B408278\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:microsoft:wireless_display_adapter:2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10A41CCA-EC1A-4FE7-BE92-7F81362355E9\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/104621\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041269\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104621\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041269\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

VAR-201807-1609

Vulnerability from variot - Updated: 2023-12-18 13:33

A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka "Microsoft Wireless Display Adapter Command Injection Vulnerability." This affects Microsoft Wireless Display Adapter V2 Software. An attacker may exploit this issue to inject and execute arbitrary commands within the context of the affected application; this may aid in further attacks. All MiracastA(r) enabled Windows 10 phones, tablets and laptops, including the Surface line up. Stream movies, view personal photos, or display a presentation on a big screen a all wirelessly." [1]

During our research we found a command-injection, broken 
access control and an "evil-twin" attack.

Background: MsWDA uses Wifi-Direct for the Connection and Miracast for transmitting Video- and Audiodata. The Wifi-Connection between MsWDA and the Client is alwasy WPA2 encrypted. To setup the connection, MsWDA provides a well-known mechanism: Wi-Fi Protected Setup (WPS). MsWDA implements both push button configuration (PBC) and PIN configuration. Despite the original design and name, MsWDA offers PBC with the button virtually "pressed". A user simply connects. Regardless the authentication method used (PBC or PIN), a client is assigned to a so called "persistent group". A client in a persistent group does not have to re-authenticate on a new connection.

Effect:
Command injection:
The attacker has to be connected to the MsWDA.Using the 
Webservice the Name of the MsWDA could be set in the 
parameter "NewDeviceName". Appending characters 
to escape command line scripts, the device gets into a 
boot loop. Therefore the conclusion is legit, there is 
a command injection. After several bricked MsWDAs we gave
up.

Broken Access Control:
a) PBC is implemented against Wifi Alliance Best Practices [2]
No Button has to be pressed, therefore the attacker has 
just to be in network range to authenticate. Physical access
to the device is not required.

b) If an attacker has formed a persistent group with Push 
Button Configuration, he can authenticate with the persistent 
group, even if the configuration method is changed to PIN 
Configuration.

c) A persistent group does not expire, so the access right 
longs forever. The WPA2 key of the connection does not change 
for a persistent group.

Evil-Twin-Attack:
To perform an Evil-Twin Attack, the Attacker has to be connected
to the MsWDA attacked. The user will only find 
the attackers name in the available connections and connect to the 
attackers Evil Twin. A replication service will stream the users data 
from the attackers device to the MsWDA attacked. Therefore the user 
will not be able to recognize the attack. 
Besides the ability to view streaming data, the attacker can use 
the established connection to access other services on the victims
device, e. g. files if shared to trusted networks by the user. This does not require 
the attacker to have physical access, at least he nees the screen visible.

Disclosure Timeline:
2018/03/21 vendor contacted
2018/03/21 initial vendor response
2018/04/06 vendor confirmation 
2018/04/20 vendor informs about fixes planned
2018/04/21 feedback to the vendor on the fixes
2018/05/17 vendor provides timeline for the firmware fixes for July 10th
2018/06/19 vendor provides assigend CVE number
2018/07/10 vendor publishes Advisory and Firmware-Updates 
2018/07/30 coordinated public disclosure

External References: [1] https://www.microsoft.com/accessories/en-us/products/adapters/wireless-display-adapter-2/p3q-00001 [2] https://www.wi-fi.org/downloads-public/wsc_best_practices_v2_0_1.pdf/8188

Credits: Tobias Glemser tglemser@secuvera.de secuvera GmbH https://www.secuvera.de

Simon Winter
simon.winter95@web.de
Aalen University
https://www.hs-aalen.de/en

Disclaimer: All information is provided without warranty. The intent is to provide information to secure infrastructure and/or systems, not to be able to attack or damage. Therefore secuvera shall not be liable for any direct or indirect damages that might be caused by using this information

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201807-1609",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wireless display adapter",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "microsoft",
        "version": "2.0.8372"
      },
      {
        "model": "wireless display adapter",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "microsoft",
        "version": "2.0.8365"
      },
      {
        "model": "wireless display adapter",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "microsoft",
        "version": "2.0.8350"
      },
      {
        "model": "wireless display adapter",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "v2 software version 2.0.8350"
      },
      {
        "model": "wireless display adapter",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "v2 software version 2.0.8365"
      },
      {
        "model": "wireless display adapter",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "v2 software version 2.0.8372"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "104621"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007128"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8306"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-846"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8350:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8365:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8372:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:microsoft:wireless_display_adapter:2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-8306"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Tobias Glemser of secuvera GmbH, Simon Winter of Aalen University.",
    "sources": [
      {
        "db": "BID",
        "id": "104621"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-8306",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.2,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 5.1,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Adjacent Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.2,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2018-8306",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.2,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 5.1,
            "id": "VHN-138338",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "author": "NVD",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.1,
            "impactScore": 3.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "Low",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "CVE-2018-8306",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-8306",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201807-846",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-138338",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-8306",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138338"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-8306"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007128"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8306"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-846"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software. \nAn attacker may exploit this issue to inject and execute arbitrary commands within the context of the affected application; this may aid in further attacks. All \n\tMiracastA(r) enabled Windows 10 phones, tablets and laptops, \n\tincluding the Surface line up. Stream movies, view personal \n\tphotos, or display a presentation on a big screen a all \n\twirelessly.\" [1]\n\t\n\tDuring our research we found a command-injection, broken \n\taccess control and an \"evil-twin\" attack. \n\t\nBackground:\n\tMsWDA uses Wifi-Direct for the Connection and Miracast for \n\ttransmitting Video- and Audiodata. The Wifi-Connection \n\tbetween MsWDA and the Client is alwasy WPA2 encrypted. To \n\tsetup the connection, MsWDA provides a well-known mechanism: \n\tWi-Fi Protected Setup (WPS). MsWDA implements both push \n\tbutton configuration (PBC) and PIN configuration. Despite the\n\toriginal design and name, MsWDA offers PBC with the button \n\tvirtually \"pressed\". A user simply connects. Regardless the \n\tauthentication method used (PBC or PIN), a client is assigned\n\tto a so called \"persistent group\". A client in a persistent \n\tgroup does not have to re-authenticate on a new connection. \n\t\n\tEffect:\n\tCommand injection:\n   \tThe attacker has to be connected to the MsWDA.Using the \n\tWebservice the Name of the MsWDA could be set in the \n\tparameter \"NewDeviceName\". Appending characters \n\tto escape command line scripts, the device gets into a \n\tboot loop. Therefore the conclusion is legit, there is \n\ta command injection. After several bricked MsWDAs we gave\n\tup. \n\t\n\tBroken Access Control:\n\ta) PBC is implemented against Wifi Alliance Best Practices [2]\n\tNo Button has to be pressed, therefore the attacker has \n\tjust to be in network range to authenticate. Physical access\n\tto the device is not required. \n\t\n\tb) If an attacker has formed a persistent group with Push \n\tButton Configuration, he can authenticate with the persistent \n\tgroup, even if the configuration method is changed to PIN \n\tConfiguration. \n\t\n\tc) A persistent group does not expire, so the access right \n\tlongs forever. The WPA2 key of the connection does not change \n\tfor a persistent group. \n\t\n\tEvil-Twin-Attack:\n\tTo perform an Evil-Twin Attack, the Attacker has to be connected\n\tto the MsWDA attacked. The user will only find \n\tthe attackers name in the available connections and connect to the \n\tattackers Evil Twin. A replication service will stream the users data \n\tfrom the attackers device to the MsWDA attacked. Therefore the user \n\twill not be able to recognize the attack. \n\tBesides the ability to view streaming data, the attacker can use \n\tthe established connection to access other services on the victims\n\tdevice, e. g. files if shared to trusted networks by the user. This does not require \n\tthe attacker to have physical access, at least he nees the screen visible.  \n    \t\n\tDisclosure Timeline:\n\t2018/03/21 vendor contacted\n\t2018/03/21 initial vendor response\n\t2018/04/06 vendor confirmation \n\t2018/04/20 vendor informs about fixes planned\n\t2018/04/21 feedback to the vendor on the fixes\n\t2018/05/17 vendor provides timeline for the firmware fixes for July 10th\n\t2018/06/19 vendor provides assigend CVE number\n\t2018/07/10 vendor publishes Advisory and Firmware-Updates \n\t2018/07/30 coordinated public disclosure\n\t\n\t\n\t\nExternal References:\n\t [1] https://www.microsoft.com/accessories/en-us/products/adapters/wireless-display-adapter-2/p3q-00001\n\t [2] https://www.wi-fi.org/downloads-public/wsc_best_practices_v2_0_1.pdf/8188\n\n\t   \nCredits:\n\tTobias Glemser\n\ttglemser@secuvera.de\n\tsecuvera GmbH\n\thttps://www.secuvera.de\n\t\n\tSimon Winter\n\tsimon.winter95@web.de\n\tAalen University\n\thttps://www.hs-aalen.de/en\n\t\nDisclaimer:\n\tAll information is provided without warranty. The intent is to\n\tprovide information to secure infrastructure and/or systems, not\n\tto be able to attack or damage. Therefore secuvera shall\n\tnot be liable for any direct or indirect damages that might be\n\tcaused by using this information",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-8306"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007128"
      },
      {
        "db": "BID",
        "id": "104621"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138338"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-8306"
      },
      {
        "db": "PACKETSTORM",
        "id": "148744"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-8306",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "104621",
        "trust": 2.1
      },
      {
        "db": "SECTRACK",
        "id": "1041269",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007128",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-846",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "148744",
        "trust": 0.3
      },
      {
        "db": "VULHUB",
        "id": "VHN-138338",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-8306",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138338"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-8306"
      },
      {
        "db": "BID",
        "id": "104621"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007128"
      },
      {
        "db": "PACKETSTORM",
        "id": "148744"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8306"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-846"
      }
    ]
  },
  "id": "VAR-201807-1609",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138338"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:33:47.660000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "CVE-2018-8306 | Microsoft Wireless Display Adapter Command Injection Vulnerability",
        "trust": 0.8,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8306"
      },
      {
        "title": "CVE-2018-8306 | Microsoft Wireless Display Adapter \u306e\u30b3\u30de\u30f3\u30c9\u633f\u5165\u306e\u8106\u5f31\u6027",
        "trust": 0.8,
        "url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2018-8306"
      },
      {
        "title": "Microsoft Wireless Display Adapter V2 Software Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=81910"
      },
      {
        "title": "The Register",
        "trust": 0.2,
        "url": "https://www.theregister.co.uk/2018/07/11/july_patch_tuesday/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-8306"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007128"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-846"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-77",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138338"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007128"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8306"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8306"
      },
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/104621"
      },
      {
        "trust": 1.8,
        "url": "http://www.securitytracker.com/id/1041269"
      },
      {
        "trust": 0.9,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8306"
      },
      {
        "trust": 0.9,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-8306"
      },
      {
        "trust": 0.8,
        "url": "https://www.ipa.go.jp/security/ciadr/vul/20180711-ms.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/at/2018/at180028.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/77.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://packetstormsecurity.com/files/148744/microsoft-wireless-display-adapter-2-command-injection-broken-access-control.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/104621"
      },
      {
        "trust": 0.1,
        "url": "http://ipaddress/cgi-bin/msupload.sh?action=setdevicename\u0026newdevicename=a%0d$(ls)%0d"
      },
      {
        "trust": 0.1,
        "url": "https://www.secuvera.de"
      },
      {
        "trust": 0.1,
        "url": "https://www.microsoft.com/accessories/en-us/products/adapters/wireless-display-adapter-2/p3q-00001"
      },
      {
        "trust": 0.1,
        "url": "https://www.secuvera.de/advisories/secuvera-sa-2018-03.txt"
      },
      {
        "trust": 0.1,
        "url": "https://www.wi-fi.org/downloads-public/wsc_best_practices_v2_0_1.pdf/8188"
      },
      {
        "trust": 0.1,
        "url": "http://ipaddress/cgi-bin/msupload.sh?action=setdevicename\u0026newdevicename=a=b"
      },
      {
        "trust": 0.1,
        "url": "https://www.hs-aalen.de/en"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138338"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-8306"
      },
      {
        "db": "BID",
        "id": "104621"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007128"
      },
      {
        "db": "PACKETSTORM",
        "id": "148744"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8306"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-846"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-138338"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-8306"
      },
      {
        "db": "BID",
        "id": "104621"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007128"
      },
      {
        "db": "PACKETSTORM",
        "id": "148744"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8306"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-846"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-07-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-138338"
      },
      {
        "date": "2018-07-11T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-8306"
      },
      {
        "date": "2018-07-10T00:00:00",
        "db": "BID",
        "id": "104621"
      },
      {
        "date": "2018-09-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-007128"
      },
      {
        "date": "2018-07-30T17:31:52",
        "db": "PACKETSTORM",
        "id": "148744"
      },
      {
        "date": "2018-07-11T00:29:01.913000",
        "db": "NVD",
        "id": "CVE-2018-8306"
      },
      {
        "date": "2018-07-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201807-846"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-138338"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-8306"
      },
      {
        "date": "2018-07-10T00:00:00",
        "db": "BID",
        "id": "104621"
      },
      {
        "date": "2018-09-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-007128"
      },
      {
        "date": "2019-10-03T00:03:26.223000",
        "db": "NVD",
        "id": "CVE-2018-8306"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201807-846"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-846"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Microsoft Wireless Display Adapter Command injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-007128"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "command injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201807-846"
      }
    ],
    "trust": 0.6
  }
}

GSD-2018-8306

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-8306

Aliases

CVE-2018-8306

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-8306",
    "description": "A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software.",
    "id": "GSD-2018-8306",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2018-8306"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-8306"
      ],
      "details": "A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software.",
      "id": "GSD-2018-8306",
      "modified": "2023-12-13T01:22:34.807550Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2018-8306",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Microsoft Wireless Display Adapter V2 Software",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Version 2.0.8350"
                        },
                        {
                          "version_value": "Version 2.0.8365"
                        },
                        {
                          "version_value": "Version 2.0.8372"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Microsoft"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote Code Execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1041269",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1041269"
          },
          {
            "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306",
            "refsource": "CONFIRM",
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306"
          },
          {
            "name": "104621",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/104621"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8350:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8365:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8372:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:microsoft:wireless_display_adapter:2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2018-8306"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-77"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306"
            },
            {
              "name": "1041269",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1041269"
            },
            {
              "name": "104621",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/104621"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.2,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 5.1,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "exploitabilityScore": 2.1,
          "impactScore": 3.4
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2018-07-11T00:29Z"
    }
  }
}

GHSA-M37P-X6XC-38VX

Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2022-05-13 01:53

Details

Severity ?

5.5 (Medium)


                  
                    CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-8306"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-77"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-11T00:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software.",
  "id": "GHSA-m37p-x6xc-38vx",
  "modified": "2022-05-13T01:53:37Z",
  "published": "2022-05-13T01:53:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8306"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104621"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041269"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2018-13359

Vulnerability from cnvd - Published: 2018-07-18

Title

Microsoft Wireless Display Adapter命令注入漏洞

Description

Microsoft Wireless Display Adapter V2 Software是美国微软（Microsoft）公司的一套用于支持显示设备投影的软件。 Microsoft Wireless Display Adapter V2 Software 2.0.8350版本、2.0.8365版本和2.0.8372版本中存在命令注入漏洞，该漏洞源于程序未能正确的管理用户的输入。攻击者可通过身份验证或登录到目标显示器利用该漏洞在受影响应用程序的上下文中执行任意命令。

Severity

高

Patch Name

Microsoft Wireless Display Adapter命令注入漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306

Reference

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306

Impacted products

Name
['Microsoft Wireless Display Adapter V2 Software 2.0.8350', 'Microsoft Wireless Display Adapter V2 Software 2.0.8365', 'Microsoft Wireless Display Adapter V2 Software 2.0.8372']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "104621"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-8306"
    }
  },
  "description": "Microsoft Wireless Display Adapter V2 Software\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u652f\u6301\u663e\u793a\u8bbe\u5907\u6295\u5f71\u7684\u8f6f\u4ef6\u3002\r\n\r\nMicrosoft Wireless Display Adapter V2 Software 2.0.8350\u7248\u672c\u30012.0.8365\u7248\u672c\u548c2.0.8372\u7248\u672c\u4e2d\u5b58\u5728\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u7ba1\u7406\u7528\u6237\u7684\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u6216\u767b\u5f55\u5230\u76ee\u6807\u663e\u793a\u5668\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002",
  "discovererName": "Tobias Glemser of secuvera GmbH, Simon Winter of Aalen University.",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-13359",
  "openTime": "2018-07-18",
  "patchDescription": "Microsoft Wireless Display Adapter V2 Software\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u652f\u6301\u663e\u793a\u8bbe\u5907\u6295\u5f71\u7684\u8f6f\u4ef6\u3002\r\n\r\nMicrosoft Wireless Display Adapter V2 Software 2.0.8350\u7248\u672c\u30012.0.8365\u7248\u672c\u548c2.0.8372\u7248\u672c\u4e2d\u5b58\u5728\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u7ba1\u7406\u7528\u6237\u7684\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u6216\u767b\u5f55\u5230\u76ee\u6807\u663e\u793a\u5668\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Wireless Display Adapter\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Wireless Display Adapter V2 Software 2.0.8350",
      "Microsoft Wireless Display Adapter V2 Software 2.0.8365",
      "Microsoft Wireless Display Adapter V2 Software 2.0.8372"
    ]
  },
  "referenceLink": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306",
  "serverity": "\u9ad8",
  "submitTime": "2018-07-11",
  "title": "Microsoft Wireless Display Adapter\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e"
}

FKIE_CVE-2018-8306

Vulnerability from fkie_nvd - Published: 2018-07-11 00:29 - Updated: 2024-11-21 04:13

Severity ?

5.5 (Medium) - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Summary

References

URL	Tags
secure@microsoft.com	http://www.securityfocus.com/bid/104621	Third Party Advisory, VDB Entry
secure@microsoft.com	http://www.securitytracker.com/id/1041269	Third Party Advisory, VDB Entry
secure@microsoft.com	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104621	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041269	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
microsoft	wireless_display_adapter_firmware	2.0.8350
microsoft	wireless_display_adapter_firmware	2.0.8365
microsoft	wireless_display_adapter_firmware	2.0.8372
microsoft	wireless_display_adapter	2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8350:*:*:*:*:*:*:*",
              "matchCriteriaId": "1893F79A-CAFA-48DB-8620-F7C96FC571DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8365:*:*:*:*:*:*:*",
              "matchCriteriaId": "23641D96-2EE3-4F11-97F4-6F33A6F25DE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8372:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCABA19F-D04E-4CAF-B222-0B732B408278",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:microsoft:wireless_display_adapter:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "10A41CCA-EC1A-4FE7-BE92-7F81362355E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en Microsoft Wireless Display Adapter (MWDA) cuando Microsoft Wireless Display Adapter no gestiona correctamente las entradas de usuario. Esto tambi\u00e9n se conoce como \"Microsoft Wireless Display Adapter Command Injection Vulnerability\". Esto afecta a Microsoft Wireless Display Adapter V2 Software."
    }
  ],
  "id": "CVE-2018-8306",
  "lastModified": "2024-11-21T04:13:35.353",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.2,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 5.1,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 3.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-07-11T00:29:01.913",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104621"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041269"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041269"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2018-AVI-338

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Microsoft. Elles permettent à un attaquant de provoquer une exécution de code à distance, une usurpation d'identité et un contournement de la fonctionnalité de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	ChakraCore
Microsoft	N/A	Microsoft Lync 2013 Service Pack 1 (64 bits)
Microsoft	N/A	Skype pour Business 2016 (64 bits)
Microsoft	N/A	Microsoft Visual Studio 2017 Version 15.7.5
Microsoft	N/A	Microsoft Visual Studio 2010 Service Pack 1
Microsoft	N/A	Microsoft Access 2016 (édition 32 bits)
Microsoft	N/A	Microsoft Visual Studio 2017 Version 15.8 Preview
Microsoft	N/A	Microsoft Visual Studio 2013 Update 5
Microsoft	N/A	Microsoft Access 2013 Service Pack 1 (éditions 32 bits)
Microsoft	N/A	Microsoft Visual Studio 2015 Update 3
Microsoft	N/A	Microsoft Access 2016 (édition 64 bits)
Microsoft	N/A	Microsoft Visual Studio 2017
Microsoft	N/A	Microsoft Wireless Display Adapter V2 Software Version 2.0.8350
Microsoft	N/A	Microsoft Access 2013 Service Pack 1 (éditions 64 bits)
Microsoft	N/A	PowerShell Extension pour Visual Studio Code
Microsoft	N/A	Skype pour Business 2016 (32 bits)
Microsoft	N/A	Microsoft Research JavaScript Cryptography Library
Microsoft	N/A	PowerShell Editor Services
Microsoft	N/A	Microsoft Visual Studio 2012 Update 5
Microsoft	N/A	Microsoft Wireless Display Adapter V2 Software Version 2.0.8372
Microsoft	N/A	Expression Blend 4 Service Pack 3
Microsoft	N/A	Microsoft Wireless Display Adapter V2 Software Version 2.0.8365
Microsoft	N/A	Web Customizations pour Active Directory Federation Services
Microsoft	N/A	Microsoft Lync 2013 Service Pack 1 (32 bits)

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 10 juillet 2018

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "ChakraCore",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Lync 2013 Service Pack 1 (64 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Skype pour Business 2016 (64 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2017 Version 15.7.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2010 Service Pack 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Access 2016 (\u00e9dition 32 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2017 Version 15.8 Preview",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2013 Update 5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Access 2013 Service Pack 1 (\u00e9ditions 32 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2015 Update 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Access 2016 (\u00e9dition 64 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2017",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Wireless Display Adapter V2 Software Version 2.0.8350",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Access 2013 Service Pack 1 (\u00e9ditions 64 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "PowerShell Extension pour Visual Studio Code",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Skype pour Business 2016 (32 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Research JavaScript Cryptography Library",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "PowerShell Editor Services",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2012 Update 5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Wireless Display Adapter V2 Software Version 2.0.8372",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Expression Blend 4 Service Pack 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Wireless Display Adapter V2 Software Version 2.0.8365",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Web Customizations pour Active Directory Federation Services",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Lync 2013 Service Pack 1 (32 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-8283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8283"
    },
    {
      "name": "CVE-2018-8276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8276"
    },
    {
      "name": "CVE-2018-8291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8291"
    },
    {
      "name": "CVE-2018-8306",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8306"
    },
    {
      "name": "CVE-2018-8290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8290"
    },
    {
      "name": "CVE-2018-8238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8238"
    },
    {
      "name": "CVE-2018-8327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8327"
    },
    {
      "name": "CVE-2018-8172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8172"
    },
    {
      "name": "CVE-2018-8298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8298"
    },
    {
      "name": "CVE-2018-8326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8326"
    },
    {
      "name": "CVE-2018-8288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8288"
    },
    {
      "name": "CVE-2018-8312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8312"
    },
    {
      "name": "CVE-2018-8319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8319"
    },
    {
      "name": "CVE-2018-8311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8311"
    },
    {
      "name": "CVE-2018-8232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8232"
    },
    {
      "name": "CVE-2018-8294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8294"
    },
    {
      "name": "CVE-2018-8286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8286"
    },
    {
      "name": "CVE-2018-8279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8279"
    },
    {
      "name": "CVE-2018-8280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8280"
    },
    {
      "name": "CVE-2018-8287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8287"
    },
    {
      "name": "CVE-2018-8275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8275"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-338",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-07-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Usurpation d\u0027identit\u00e9"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code \u00e0 distance, une usurpation\nd\u0027identit\u00e9 et un contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 10 juillet 2018",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

CERTFR-2018-AVI-338

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	ChakraCore
Microsoft	N/A	Microsoft Lync 2013 Service Pack 1 (64 bits)
Microsoft	N/A	Skype pour Business 2016 (64 bits)
Microsoft	N/A	Microsoft Visual Studio 2017 Version 15.7.5
Microsoft	N/A	Microsoft Visual Studio 2010 Service Pack 1
Microsoft	N/A	Microsoft Access 2016 (édition 32 bits)
Microsoft	N/A	Microsoft Visual Studio 2017 Version 15.8 Preview
Microsoft	N/A	Microsoft Visual Studio 2013 Update 5
Microsoft	N/A	Microsoft Access 2013 Service Pack 1 (éditions 32 bits)
Microsoft	N/A	Microsoft Visual Studio 2015 Update 3
Microsoft	N/A	Microsoft Access 2016 (édition 64 bits)
Microsoft	N/A	Microsoft Visual Studio 2017
Microsoft	N/A	Microsoft Wireless Display Adapter V2 Software Version 2.0.8350
Microsoft	N/A	Microsoft Access 2013 Service Pack 1 (éditions 64 bits)
Microsoft	N/A	PowerShell Extension pour Visual Studio Code
Microsoft	N/A	Skype pour Business 2016 (32 bits)
Microsoft	N/A	Microsoft Research JavaScript Cryptography Library
Microsoft	N/A	PowerShell Editor Services
Microsoft	N/A	Microsoft Visual Studio 2012 Update 5
Microsoft	N/A	Microsoft Wireless Display Adapter V2 Software Version 2.0.8372
Microsoft	N/A	Expression Blend 4 Service Pack 3
Microsoft	N/A	Microsoft Wireless Display Adapter V2 Software Version 2.0.8365
Microsoft	N/A	Web Customizations pour Active Directory Federation Services
Microsoft	N/A	Microsoft Lync 2013 Service Pack 1 (32 bits)

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 10 juillet 2018

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "ChakraCore",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Lync 2013 Service Pack 1 (64 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Skype pour Business 2016 (64 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2017 Version 15.7.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2010 Service Pack 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Access 2016 (\u00e9dition 32 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2017 Version 15.8 Preview",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2013 Update 5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Access 2013 Service Pack 1 (\u00e9ditions 32 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2015 Update 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Access 2016 (\u00e9dition 64 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2017",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Wireless Display Adapter V2 Software Version 2.0.8350",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Access 2013 Service Pack 1 (\u00e9ditions 64 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "PowerShell Extension pour Visual Studio Code",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Skype pour Business 2016 (32 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Research JavaScript Cryptography Library",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "PowerShell Editor Services",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2012 Update 5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Wireless Display Adapter V2 Software Version 2.0.8372",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Expression Blend 4 Service Pack 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Wireless Display Adapter V2 Software Version 2.0.8365",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Web Customizations pour Active Directory Federation Services",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Lync 2013 Service Pack 1 (32 bits)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-8283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8283"
    },
    {
      "name": "CVE-2018-8276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8276"
    },
    {
      "name": "CVE-2018-8291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8291"
    },
    {
      "name": "CVE-2018-8306",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8306"
    },
    {
      "name": "CVE-2018-8290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8290"
    },
    {
      "name": "CVE-2018-8238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8238"
    },
    {
      "name": "CVE-2018-8327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8327"
    },
    {
      "name": "CVE-2018-8172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8172"
    },
    {
      "name": "CVE-2018-8298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8298"
    },
    {
      "name": "CVE-2018-8326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8326"
    },
    {
      "name": "CVE-2018-8288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8288"
    },
    {
      "name": "CVE-2018-8312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8312"
    },
    {
      "name": "CVE-2018-8319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8319"
    },
    {
      "name": "CVE-2018-8311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8311"
    },
    {
      "name": "CVE-2018-8232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8232"
    },
    {
      "name": "CVE-2018-8294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8294"
    },
    {
      "name": "CVE-2018-8286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8286"
    },
    {
      "name": "CVE-2018-8279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8279"
    },
    {
      "name": "CVE-2018-8280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8280"
    },
    {
      "name": "CVE-2018-8287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8287"
    },
    {
      "name": "CVE-2018-8275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8275"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-338",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-07-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Usurpation d\u0027identit\u00e9"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code \u00e0 distance, une usurpation\nd\u0027identit\u00e9 et un contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 10 juillet 2018",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-8306 (GCVE-0-2018-8306)

VAR-201807-1609

GSD-2018-8306

GHSA-M37P-X6XC-38VX

CNVD-2018-13359

FKIE_CVE-2018-8306

CERTFR-2018-AVI-338

Solution

CERTFR-2018-AVI-338

Solution

Tags

Sightings

Nomenclature