BID:104655

Microsoft MSR JavaScript Cryptography Library CVE-2018-8319 Remote Security Bypass Vulnerability

CVE-2018-8319 |

Info

Microsoft MSR JavaScript Cryptography Library CVE-2018-8319 Remote Security Bypass Vulnerability

Bugtraq ID:	104655
Class:	Input Validation Error
CVE:	CVE-2018-8319
Remote:	Yes
Local:	No
Published:	Jul 10 2018 12:00AM
Updated:	Jul 17 2018 12:00PM
Credit:	Jonathan Burns, Colin McRae, and Ryan Speers of Ionic Security.
Vulnerable:	Microsoft MSR JavaScript Cryptography Library 0

Not Vulnerable:

Discussion

Microsoft MSR JavaScript Cryptography Library CVE-2018-8319 Remote Security Bypass Vulnerability

Microsoft MSR JavaScript Cryptography Library is prone to a remote security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks.

Exploit / POC

Microsoft MSR JavaScript Cryptography Library CVE-2018-8319 Remote Security Bypass Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Microsoft MSR JavaScript Cryptography Library CVE-2018-8319 Remote Security Bypass Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

References

Microsoft MSR JavaScript Cryptography Library CVE-2018-8319 Remote Security Bypass Vulnerability

References:

Microsoft Homepage (Microsoft)
CVE-2018-8319 | MSR JavaScript Cryptography Library Security Feature Bypass Vuln (Microsoft)