CVE-2018-8569 - A remote code execution vulnerability exists in the Yammer desktop application due to the loading of

CVE-2018-8569

Summary

A remote code execution vulnerability exists in the Yammer desktop application due to the loading of arbitrary content, aka "Yammer Desktop Application Remote Code Execution Vulnerability." This affects Yammer Desktop App.

References

http://www.securityfocus.com/bid/105681
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8569

Vulnerable Configurations

cpe:2.3:a:microsoft:yammer:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:yammer:-:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	105681
confirm	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8569

Last major update

24-08-2020 - 17:37

Published

23-10-2018 - 17:29

Last modified

24-08-2020 - 17:37