Skip to main content

Powershell Core CVE-2019-1167

MEDIUM
2019-07-19 secure@microsoft.com
4.1
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
4.1 MEDIUM
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jul 19, 2019 - 15:15 nvd
MEDIUM 4.1

DescriptionNVD

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.

AnalysisAI

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control. Rated medium severity (CVSS 4.1).

Technical ContextAI

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. Affected products include: Microsoft Powershell Core.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-8256 HIGH
8.8 Nov 14

A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft

CVE-2021-26701 HIGH
8.1 Feb 25

.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitabl

CVE-2019-0632 HIGH
7.8 Mar 05

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Win

CVE-2019-0631 HIGH
7.8 Mar 05

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Win

CVE-2019-0627 HIGH
7.8 Mar 05

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Win

CVE-2018-8415 HIGH
7.8 Nov 14

A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft Pow

CVE-2021-26423 HIGH
7.5 Aug 12

.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remot

CVE-2020-1108 HIGH
7.5 May 21

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Cor

CVE-2019-1301 HIGH
7.5 Sep 11

A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Servic

CVE-2018-8292 HIGH
7.5 Oct 10

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in

CVE-2018-0875 HIGH
7.5 Mar 14

.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how

CVE-2018-0786 HIGH
7.5 Jan 10

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and

Share

CVE-2019-1167 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy