CVE-2018-8517
First published: Wed Dec 12 2018(Updated: )
A denial of service vulnerability exists when .NET Framework improperly handles special web requests, aka ".NET Framework Denial Of Service Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft .NET Framework | =3.5 | |
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1703 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 10 | =1803 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows Server 2012 | ||
| Microsoft Windows Server 2012 | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1709 | |
| Microsoft Windows Server 2016 | =1803 | |
| Microsoft Windows Server 2019 | ||
| Microsoft .NET Framework | =3.5-sp1 | |
| Microsoft Windows Server 2008 | =sp2 | |
| Microsoft .NET Framework | =3.5.1 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft .NET Framework | =4.5.2 | |
| Microsoft Windows RT 8.1 | ||
| Microsoft .NET Framework | =4.6.2 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft .NET Framework | =4.6 | |
| Microsoft .NET Framework | =4.6.1 | |
| Microsoft .NET Framework | =4.7 | |
| Microsoft .NET Framework | =4.7.1 | |
| Microsoft .NET Framework | =4.7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-8517?
CVE-2018-8517 is a denial of service vulnerability in .NET Framework.
Which versions of .NET Framework are affected by CVE-2018-8517?
Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 are affected.
What is the severity of CVE-2018-8517?
The severity of CVE-2018-8517 is high, with a severity value of 7.5.
How does CVE-2018-8517 impact systems?
CVE-2018-8517 can result in a denial of service on systems running affected versions of .NET Framework.
Is there a fix available for CVE-2018-8517?
Yes, Microsoft has provided security guidance and updates to address the CVE-2018-8517 vulnerability.
- agent/references
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/remedy
- agent/severity
- agent/author
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft .net framework
- version/microsoft .net framework/3.5
- canonical/microsoft windows 10
- version/microsoft windows 10/1607
- version/microsoft windows 10/1703
- version/microsoft windows 10/1709
- version/microsoft windows 10/1803
- version/microsoft windows 10/1809
- canonical/microsoft windows 8.1
- canonical/microsoft windows server 2012
- version/microsoft windows server 2012/r2
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1709
- version/microsoft windows server 2016/1803
- canonical/microsoft windows server 2019
- version/microsoft .net framework/3.5-sp1
- canonical/microsoft windows server 2008
- version/microsoft windows server 2008/sp2
- version/microsoft .net framework/3.5.1
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- version/microsoft windows server 2008/r2-sp1
- version/microsoft .net framework/4.5.2
- canonical/microsoft windows rt 8.1
- version/microsoft .net framework/4.6.2
- version/microsoft .net framework/4.6
- version/microsoft .net framework/4.6.1
- version/microsoft .net framework/4.7
- version/microsoft .net framework/4.7.1
- version/microsoft .net framework/4.7.2