Powershell Core
CVE-2019-1167
MEDIUM
Severity by source
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.
AnalysisAI
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control. Rated medium severity (CVSS 4.1).
Technical ContextAI
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. Affected products include: Microsoft Powershell Core.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Powershell Core
View allA remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft
.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitabl
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Win
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Win
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Win
A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft Pow
.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remot
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Cor
A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Servic
An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today