Microsoft CVE-2018-8360: .NET Framework Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream. To exploit the vulnerability, an attacker who can access one tenant in a high-load/high-density environment could potentially trigger multi-tenanted data exposure from one customer to another. The security update addresses the vulnerability by correcting the way .NET Framework handles high-load/high-density network connections.
Solution(s)
- msft-kb4343885-a06825f6-41f1-4dda-8182-99725d2718b0
- msft-kb4343885-aa3d8e16-b3c9-4adf-92c4-f7dad57f2825
- msft-kb4343887-348e720d-750f-481e-b0e0-58bab6ce8538
- msft-kb4343887-c796509e-8bbb-4de4-b45f-92de37e32d36
- msft-kb4343887-cffa7f5a-126a-48d4-9cb6-5541b12e862e
- msft-kb4343892-0c24fb3d-ed27-4461-bb0c-5905b7bc4bfc
- msft-kb4343892-fbad4042-4e60-473e-a4ef-e3b1761dba11
- msft-kb4343897-550b5b70-0dcd-43c0-b4c5-4fe259fda49c
- msft-kb4343897-ceb32db8-813d-4ab3-818c-e740f4a18a38
- msft-kb4343897-d48f1d9a-72aa-46fc-b493-ea21346badbf
- msft-kb4343909-4493244a-d754-4ffd-9b1e-c248e1b14e03
- msft-kb4343909-8025b6ac-6795-490e-9130-ee2ca585a1bf
- msft-kb4343909-d4a86d98-3a49-4ab9-ba67-db4c0279d576
- msft-kb4345679-1b11fddd-9a22-472e-a412-ef225a5de41a-kb4344167
- msft-kb4345679-1b11fddd-9a22-472e-a412-ef225a5de41a-kb4344173
- msft-kb4345679-1b11fddd-9a22-472e-a412-ef225a5de41a-kb4344177
- msft-kb4345679-9017e50c-8440-4320-816b-cda1493fbd6f-kb4344167
- msft-kb4345679-9017e50c-8440-4320-816b-cda1493fbd6f-kb4344173
- msft-kb4345679-9017e50c-8440-4320-816b-cda1493fbd6f-kb4344177
- msft-kb4345679-d0e92286-c693-47df-ab23-4e7bc83bf3a6-kb4344177
- msft-kb4345680-157995a0-2b42-4154-9e37-f1e0240d9a8c-kb4344165
- msft-kb4345680-157995a0-2b42-4154-9e37-f1e0240d9a8c-kb4344172
- msft-kb4345680-157995a0-2b42-4154-9e37-f1e0240d9a8c-kb4344175
- msft-kb4345680-7b26d6f1-937c-4171-86ab-bd89e50b5a4e-kb4344165
- msft-kb4345680-7b26d6f1-937c-4171-86ab-bd89e50b5a4e-kb4344172
- msft-kb4345680-7b26d6f1-937c-4171-86ab-bd89e50b5a4e-kb4344175
- msft-kb4345680-ccb830c9-1ca8-4873-8de9-8dc3b9bd6451-kb4344165
- msft-kb4345680-ccb830c9-1ca8-4873-8de9-8dc3b9bd6451-kb4344172
- msft-kb4345680-ccb830c9-1ca8-4873-8de9-8dc3b9bd6451-kb4344175
- msft-kb4345681-0c4e3f40-bd63-41ae-b207-af4b1b6d6735-kb4344166
- msft-kb4345681-0c4e3f40-bd63-41ae-b207-af4b1b6d6735-kb4344171
- msft-kb4345681-0c4e3f40-bd63-41ae-b207-af4b1b6d6735-kb4344178
- msft-kb4345681-c601cf7a-ba23-4d6d-bcdc-c61c258e7f1f-kb4344166
- msft-kb4345681-c601cf7a-ba23-4d6d-bcdc-c61c258e7f1f-kb4344171
- msft-kb4345681-c601cf7a-ba23-4d6d-bcdc-c61c258e7f1f-kb4344178
- msft-kb4345682-734871fb-860a-481e-ac5d-87fad8e85d04-kb4344167
- msft-kb4345682-734871fb-860a-481e-ac5d-87fad8e85d04-kb4344173
- msft-kb4345682-734871fb-860a-481e-ac5d-87fad8e85d04-kb4344176
- msft-kb4345682-d4b1b193-ceac-47aa-ab3f-40577650d824-kb4344176
- msft-kb4345682-ff3688d8-960e-4600-938d-b3322b8ddb84-kb4344167
- msft-kb4345682-ff3688d8-960e-4600-938d-b3322b8ddb84-kb4344173
- msft-kb4345682-ff3688d8-960e-4600-938d-b3322b8ddb84-kb4344176
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center