Endpoint Vulnerability

.NET Security Feature Bypass Vulnerability

Description

A security feature bypass vulnerability exists when Microsoft .NET Framework (and .NET Core) components do not completely validate certificates.

Affected Products

.NET Core 1.0,.NET Core 2.0,Microsoft .NET Framework 3.5 on Windows Server, version 1709 (Server Core Installation),Microsoft .NET Framework 4.5.2 on Windows RT 8.1,Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7 on Windows RT 8.1,Microsoft .NET Framework 4.7.1 on Windows Server, version 1709 (Server Core Installation),Windows 10,Windows 7,Windows 8,Windows Server 2008

References

CVE-2018-0786,