Skip to main content

Powershell Core CVE-2019-0627

HIGH
2019-03-05 secure@microsoft.com
7.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 05, 2019 - 23:29 nvd
HIGH 7.8

DescriptionNVD

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632.

AnalysisAI

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Technical ContextAI

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632. Affected products include: Microsoft Powershell Core, Microsoft Windows 10, Microsoft Windows Server 2016, Microsoft Windows Server 2019.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-8256 HIGH
8.8 Nov 14

A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft

CVE-2021-26701 HIGH
8.1 Feb 25

.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitabl

CVE-2019-0632 HIGH
7.8 Mar 05

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Win

CVE-2019-0631 HIGH
7.8 Mar 05

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Win

CVE-2018-8415 HIGH
7.8 Nov 14

A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft Pow

CVE-2021-26423 HIGH
7.5 Aug 12

.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remot

CVE-2020-1108 HIGH
7.5 May 21

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Cor

CVE-2019-1301 HIGH
7.5 Sep 11

A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Servic

CVE-2018-8292 HIGH
7.5 Oct 10

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in

CVE-2018-0875 HIGH
7.5 Mar 14

.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how

CVE-2018-0786 HIGH
7.5 Jan 10

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and

CVE-2018-0764 HIGH
7.5 Jan 10

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. R

Share

CVE-2019-0627 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy