ID

VAR-201811-0477


CVE

CVE-2018-8415


TITLE

plural Microsoft Windows Product and PowerShell Core Vulnerabilities to be tampered with

Trust: 0.8

sources: JVNDB: JVNDB-2018-010458

DESCRIPTION

A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft PowerShell Tampering Vulnerability." This affects Windows 7, PowerShell Core 6.1, Windows Server 2012 R2, Windows RT 8.1, PowerShell Core 6.0, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. plural Microsoft Windows Product and PowerShell Core Contains a vulnerability that can be tampered with. The vendor Microsoft PowerShell Has been disclosed as "Tampering Vulnerability".An attacker could execute code that is not logged. Microsoft Powershell is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions

Trust: 1.89

sources: NVD: CVE-2018-8415 // JVNDB: JVNDB-2018-010458 // BID: 105792

AFFECTED PRODUCTS

vendor:microsoftmodel:powershell corescope:eqversion:6.1

Trust: 2.7

vendor:microsoftmodel:powershell corescope:eqversion:6.0

Trust: 2.7

vendor:microsoftmodel:windows server 2012scope:eqversion:r2

Trust: 1.8

vendor:microsoftmodel:windows 10scope:eqversion:1703

Trust: 1.6

vendor:microsoftmodel:windows 10scope:eqversion:1709

Trust: 1.6

vendor:microsoftmodel:windows 10scope:eqversion:1803

Trust: 1.6

vendor:microsoftmodel:windows 10scope:eqversion: -

Trust: 1.6

vendor:microsoftmodel:windows 10scope:eqversion:1809

Trust: 1.6

vendor:microsoftmodel:windows 8.1scope:eqversion: -

Trust: 1.6

vendor:microsoftmodel:windows 7scope:eqversion: -

Trust: 1.6

vendor:microsoftmodel:windows 10scope:eqversion:1607

Trust: 1.6

vendor:microsoftmodel:windows server 2016scope:eqversion:1803

Trust: 1.0

vendor:microsoftmodel:windows server 2019scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:eqversion:1709

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion:r2

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows rt 8.1scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion:for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1607 for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1607 for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1703 for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1703 for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1709 for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1709 for 64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1709 for arm64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1803 for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1803 for arm64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1803 for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1809 for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1809 for arm64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 10scope:eqversion:version 1809 for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows 7scope:eqversion:for 32-bit systems sp1

Trust: 0.8

vendor:microsoftmodel:windows 7scope:eqversion:for x64-based systems sp1

Trust: 0.8

vendor:microsoftmodel:windows 8.1scope:eqversion:for 32-bit systems

Trust: 0.8

vendor:microsoftmodel:windows 8.1scope:eqversion:for x64-based systems

Trust: 0.8

vendor:microsoftmodel:windows rt 8.1scope: - version: -

Trust: 0.8

vendor:microsoftmodel:windows serverscope:eqversion:version 1709 (server core installation)

Trust: 0.8

vendor:microsoftmodel:windows serverscope:eqversion:version 1803 (server core installation)

Trust: 0.8

vendor:microsoftmodel:windows server 2008scope:eqversion:r2 for x64-based systems sp1

Trust: 0.8

vendor:microsoftmodel:windows server 2008scope:eqversion:r2 for x64-based systems sp1 (server core installation)

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:none

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:(server core installation)

Trust: 0.8

vendor:microsoftmodel:windows server 2012scope:eqversion:r2 (server core installation)

Trust: 0.8

vendor:microsoftmodel:windows server 2016scope:eqversion:none

Trust: 0.8

vendor:microsoftmodel:windows server 2016scope:eqversion:(server core installation)

Trust: 0.8

vendor:microsoftmodel:windows server 2019scope:eqversion:none

Trust: 0.8

vendor:microsoftmodel:windows server 2019scope:eqversion:(server core installation)

Trust: 0.8

vendor:microsoftmodel:windows serverscope:eqversion:20190

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:20160

Trust: 0.3

vendor:microsoftmodel:windows server r2scope:eqversion:20120

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:20120

Trust: 0.3

vendor:microsoftmodel:windows server r2 for x64-based systems sp1scope:eqversion:2008

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:18030

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:17090

Trust: 0.3

vendor:microsoftmodel:windows rtscope:eqversion:8.1

Trust: 0.3

vendor:microsoftmodel:windows for x64-based systemsscope:eqversion:8.10

Trust: 0.3

vendor:microsoftmodel:windows for 32-bit systemsscope:eqversion:8.10

Trust: 0.3

vendor:microsoftmodel:windows for x64-based systems sp1scope:eqversion:7

Trust: 0.3

vendor:microsoftmodel:windows for 32-bit systems sp1scope:eqversion:7

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1018090

Trust: 0.3

vendor:microsoftmodel:windows version for arm64-based systemsscope:eqversion:1018090

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1018090

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1018030

Trust: 0.3

vendor:microsoftmodel:windows version for arm64-based systemsscope:eqversion:1018030

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1018030

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1017090

Trust: 0.3

vendor:microsoftmodel:windows version for arm64-based systemsscope:eqversion:1017090

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1017090

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1017030

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1017030

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1016070

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1016070

Trust: 0.3

vendor:microsoftmodel:windows for x64-based systemsscope:eqversion:100

Trust: 0.3

vendor:microsoftmodel:windows for 32-bit systemsscope:eqversion:100

Trust: 0.3

sources: BID: 105792 // JVNDB: JVNDB-2018-010458 // CNNVD: CNNVD-201811-358 // NVD: CVE-2018-8415

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-8415
value: HIGH

Trust: 1.0

NVD: CVE-2018-8415
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201811-358
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2018-8415
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2018-8415
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: JVNDB: JVNDB-2018-010458 // CNNVD: CNNVD-201811-358 // NVD: CVE-2018-8415

PROBLEMTYPE DATA

problemtype:CWE-94

Trust: 1.8

sources: JVNDB: JVNDB-2018-010458 // NVD: CVE-2018-8415

THREAT TYPE

local

Trust: 0.9

sources: BID: 105792 // CNNVD: CNNVD-201811-358

TYPE

code injection

Trust: 0.6

sources: CNNVD: CNNVD-201811-358

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-010458

PATCH

title:CVE-2018-8415 | Microsoft PowerShell Tampering Vulnerabilityurl:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8415

Trust: 0.8

title:CVE-2018-8415 | Microsoft PowerShell の改ざんの脆弱性url:https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/CVE-2018-8415

Trust: 0.8

title:Microsoft PowerShell Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86766

Trust: 0.6

sources: JVNDB: JVNDB-2018-010458 // CNNVD: CNNVD-201811-358

EXTERNAL IDS

db:NVDid:CVE-2018-8415

Trust: 2.7

db:BIDid:105792

Trust: 1.9

db:SECTRACKid:1042108

Trust: 1.0

db:JVNDBid:JVNDB-2018-010458

Trust: 0.8

db:CNNVDid:CNNVD-201811-358

Trust: 0.6

sources: BID: 105792 // JVNDB: JVNDB-2018-010458 // CNNVD: CNNVD-201811-358 // NVD: CVE-2018-8415

REFERENCES

url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8415

Trust: 1.9

url:http://www.securityfocus.com/bid/105792

Trust: 1.6

url:http://www.securitytracker.com/id/1042108

Trust: 1.0

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8415

Trust: 0.8

url:https://www.ipa.go.jp/security/ciadr/vul/20181114-ms.html

Trust: 0.8

url:http://www.jpcert.or.jp/at/2018/at180046.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-8415

Trust: 0.8

url:http://www.microsoft.com

Trust: 0.3

sources: BID: 105792 // JVNDB: JVNDB-2018-010458 // CNNVD: CNNVD-201811-358 // NVD: CVE-2018-8415

CREDITS

Amirreza Niakanlahiji (@DissectMalware) of University of North Carolina at Charlotte and Amirreza Niakanlahiji of University of North Carolina at Charlotte

Trust: 0.9

sources: BID: 105792 // CNNVD: CNNVD-201811-358

SOURCES

db:BIDid:105792
db:JVNDBid:JVNDB-2018-010458
db:CNNVDid:CNNVD-201811-358
db:NVDid:CVE-2018-8415

LAST UPDATE DATE

2024-08-14T13:55:41.951000+00:00


SOURCES UPDATE DATE

db:BIDid:105792date:2018-11-13T00:00:00
db:JVNDBid:JVNDB-2018-010458date:2018-12-14T00:00:00
db:CNNVDid:CNNVD-201811-358date:2018-11-16T00:00:00
db:NVDid:CVE-2018-8415date:2018-12-13T18:13:48.827

SOURCES RELEASE DATE

db:BIDid:105792date:2018-11-13T00:00:00
db:JVNDBid:JVNDB-2018-010458date:2018-12-14T00:00:00
db:CNNVDid:CNNVD-201811-358date:2018-11-14T00:00:00
db:NVDid:CVE-2018-8415date:2018-11-14T01:29:00.380