CVE-2018-8269

HIGH

Microsoft Data OData - DoS

Title source: llm

Description

A denial of service vulnerability exists when OData Library improperly handles web requests, aka "OData Denial of Service Vulnerability." This affects Microsoft.Data.OData.

Exploits (1)

exploitdb WORKING POC

by Gal Zror · rubydoswindows

https://www.exploit-db.com/exploits/46101

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/105322

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8269

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/46101/

Scores

CVSS v3 7.5

EPSS 0.2465

EPSS Percentile 96.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (4)

microsoft/microsoft.data.odata

nuget/Microsoft.AspNetCore.All 2.1.0 - 2.1.13NuGet

nuget/Microsoft.AspNetCore.DataProtection.AzureStorage 2.1.0 - 2.1.13NuGet

nuget/Microsoft.Data.OData 0 - 5.8.4NuGet

Published Sep 13, 2018

Tracked Since Feb 18, 2026