cpe:/a:microsoft:.net_framework:2.0:sp2 cpe:/a:microsoft:.net_framework:3.0:sp2 cpe:/a:microsoft:.net_framework:3.5 cpe:/a:microsoft:.net_framework:3.5.1 cpe:/a:microsoft:.net_framework:4.5.2 cpe:/a:microsoft:.net_framework:4.6 cpe:/a:microsoft:.net_framework:4.6.1 cpe:/a:microsoft:.net_framework:4.6.2 cpe:/a:microsoft:.net_framework:4.7 cpe:/a:microsoft:.net_framework:4.7.1 cpe:/a:microsoft:.net_framework:4.7.2 CVE-2018-8360 2018-08-15T13:29:06.207-04:00 2018-10-15T10:03:54.993-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2018-10-12T12:50:50.593-04:00 SECTRACK 1041462 BID 104986 CONFIRM https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8360 An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2.