ID |
CVE-2018-8531
|
Summary |
A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using MQTT protocol accesses objects in memory, aka "Azure IoT Device Client SDK Memory Corruption Vulnerability." This affects Hub Device Client SDK, Azure IoT Edge. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 9.3 (as of 24-08-2020 - 17:37) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-787 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
refmap
via4
|
|
Last major update |
24-08-2020 - 17:37 |
Published |
10-10-2018 - 13:29 |
Last modified |
24-08-2020 - 17:37 |