All the vulnerabilites related to Microsoft - .NET 6.0
cve-2024-43485
Vulnerability from cvelistv5
Published
2024-10-08 17:35
Modified
2024-12-10 18:45
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43485 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | PowerShell 7.2 |
Version: 7.2.0 < 7.2.24 |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43485", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T18:54:45.795602Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-09T19:47:57.831Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.24", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.6", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.20", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.15", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.8", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.5", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.10", "status": "affected", "version": "8.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.35", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.2.24", "versionStartIncluding": "7.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:-:*:*:*:*:*:*", "versionEndExcluding": "7.4.6", "versionStartIncluding": "7.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.20", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.15", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.8", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.5", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.10", "versionStartIncluding": "8.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.0.35", "versionStartIncluding": "6.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-10-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-407", "description": "CWE-407: Inefficient Algorithmic Complexity", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T18:45:59.353Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43485" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43485", "datePublished": "2024-10-08T17:35:47.290Z", "dateReserved": "2024-08-14T01:08:33.518Z", "dateUpdated": "2024-12-10T18:45:59.353Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20672
Vulnerability from cvelistv5
Published
2024-01-09 17:56
Modified
2024-10-08 15:40
Severity ?
EPSS score ?
Summary
.NET Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20672 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T21:59:42.333Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET Core and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20672" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.26", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.15", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] } ], "datePublic": "2024-01-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-08T15:40:06.301Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20672" } ], "title": ".NET Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-20672", "datePublished": "2024-01-09T17:56:58.290Z", "dateReserved": "2023-11-28T22:58:12.117Z", "dateUpdated": "2024-10-08T15:40:06.301Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-21409
Vulnerability from cvelistv5
Published
2024-04-09 17:00
Modified
2024-10-09 01:40
Severity ?
EPSS score ?
Summary
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21409 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.9 |
Version: 17.0 < 17.9.6 cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-21409", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-25T00:14:54.668309Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:37:59.942Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T22:20:40.892Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21409" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.6", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.18", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.14", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.9", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.3", "vendor": "Microsoft", "versions": [ { "lessThan": "7.3.12", "status": "affected", "version": "7.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.2", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.19", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.29", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.18", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.4", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4718.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4718.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4092.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "10.0.14393.6897", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4092.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows 11 Version 23H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.9236.0", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.9206.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4092.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:40:43.466Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21409" } ], "title": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-21409", "datePublished": "2024-04-09T17:00:08.248Z", "dateReserved": "2023-12-08T22:45:21.299Z", "dateUpdated": "2024-10-09T01:40:43.466Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36793
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.57 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36793", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T15:20:19.558478Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:25:44.719Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.928Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.57", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.21", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.30", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.13", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.13", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.24", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016 (Server Core installation)", "Windows Server 2016", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 R2", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6252", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019 (Server Core installation)", "Windows Server 2019" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.05", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 22H2 for ARM64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09186.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.09186.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20162", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-09-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:41:12.204Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36793", "datePublished": "2023-09-12T16:58:40.256Z", "dateReserved": "2023-06-27T15:11:59.872Z", "dateUpdated": "2024-08-02T17:01:09.928Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41032
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 12:35
Severity ?
EPSS score ?
Summary
NuGet Client Elevation of Privilege Vulnerability
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.10 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:35:47.829Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41032" }, { "name": "FEDORA-2022-f9ca76e479", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7BMHO5ITRBZREVTEKHQRGSFRPDMALV3/" }, { "name": "FEDORA-2022-7f5f9ede26", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDPT2MJC3HD7HYZGASOOX6MTDR4ASBL5/" }, { "name": "FEDORA-2022-2c37647a9c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOG35Z5RL5W5RGLLYLN46CI4D2UPDSWM/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.10", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.30", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.9", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.20", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.26", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.15", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.3:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.3", "vendor": "Microsoft", "versions": [ { "lessThan": "17.3.6", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2022 for Mac version 17.3", "vendor": "Microsoft", "versions": [ { "lessThan": "17.3.7", "status": "affected", "version": "17.3", "versionType": "custom" } ] } ], "datePublic": "2022-10-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "NuGet Client Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-09T17:23:42.524Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41032" }, { "name": "FEDORA-2022-f9ca76e479", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7BMHO5ITRBZREVTEKHQRGSFRPDMALV3/" }, { "name": "FEDORA-2022-7f5f9ede26", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDPT2MJC3HD7HYZGASOOX6MTDR4ASBL5/" }, { "name": "FEDORA-2022-2c37647a9c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOG35Z5RL5W5RGLLYLN46CI4D2UPDSWM/" } ], "title": "NuGet Client Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-41032", "datePublished": "2022-10-11T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:35:47.829Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-0056
Vulnerability from cvelistv5
Published
2024-01-09 17:56
Modified
2024-10-08 15:39
Severity ?
EPSS score ?
Summary
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft SQL Server 2022 (GDR) |
Version: 16.0.0 < 16.0.1110.1 cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:41:15.885Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1110.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.26", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.15", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.1", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:data_sql_client:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:data_sql_client:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:data_sql_client:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:data_sql_client:5.1:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft.Data.SqlClient", "vendor": "Microsoft", "versions": [ { "lessThan": "2.1.7", "status": "affected", "version": "1.0", "versionType": "custom" }, { "lessThan": "3.1.5", "status": "affected", "version": "1.0", "versionType": "custom" }, { "lessThan": "4.0.5", "status": "affected", "version": "1.0", "versionType": "custom" }, { "lessThan": "5.1.3", "status": "affected", "version": "1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:System.Data.SqlClient:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "System.Data.SqlClient", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.6", "status": "affected", "version": "1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.4", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (CU 10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4100.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2016", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04690.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04690.01", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04690.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04081.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "10.0.14393.6614", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 R2" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04081.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04081.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "3.0.50727.8976", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022 (Server Core installation)", "Windows Server 2022", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows Server 2022, 23H2 Edition (Server Core installation)", "Windows 11 Version 23H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09214.01", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.50727.8976", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] } ], "datePublic": "2024-01-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "CWE-319: Cleartext Transmission of Sensitive Information", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-08T15:39:51.662Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056" } ], "title": "Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-0056", "datePublished": "2024-01-09T17:56:58.972Z", "dateReserved": "2023-11-22T17:43:06.743Z", "dateUpdated": "2024-10-08T15:39:51.662Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36792
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36792 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.57 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36792", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-28T14:00:38.974579Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-28T14:00:45.881Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.977Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36792" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.57", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.21", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.30", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.13", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.24", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.13", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2016", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2012" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows Server 2022", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019 (Server Core installation)", "Windows Server 2019" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.05", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)", "Windows Server 2016", "Windows 10 Version 1607 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6252", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2012 R2", "Windows Server 2012", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04063.02", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09186.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.09186.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20162", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-09-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:41:12.722Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36792" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36792", "datePublished": "2023-09-12T16:58:40.779Z", "dateReserved": "2023-06-27T15:11:59.871Z", "dateUpdated": "2024-08-02T17:01:09.977Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-33135
Vulnerability from cvelistv5
Published
2023-06-13 23:26
Modified
2024-08-02 15:39
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33135 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.18 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-33135", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-12T14:58:48.967130Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-12T14:59:00.865Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T15:39:35.999Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33135" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.18", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.7", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.16", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.22", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.8", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.3", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:22:26.071Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33135" } ], "title": ".NET and Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-33135", "datePublished": "2023-06-13T23:26:26.390Z", "dateReserved": "2023-05-17T21:16:44.896Z", "dateUpdated": "2024-08-02T15:39:35.999Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36794
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.57 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36794", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T15:55:22.038287Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T15:55:32.545Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.543Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.57", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.21", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.30", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.13", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.24", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.13", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2016 (Server Core installation)", "Windows Server 2016", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows 10 Version 1607 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019", "Windows Server 2022", "Windows Server 2022 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04667.03", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.05", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6252", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04063.02", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09186.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.09186.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for x64-based Systems", "Windows 10 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20162", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-09-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:41:11.685Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36794", "datePublished": "2023-09-12T16:58:39.719Z", "dateReserved": "2023-06-27T15:11:59.873Z", "dateUpdated": "2024-08-02T17:01:09.543Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-34716
Vulnerability from cvelistv5
Published
2022-08-09 19:55
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
.NET Spoofing Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.50 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:15:16.112Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET Spoofing Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.50", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.7", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.24", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.18", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.13", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.8", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.28", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.12", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.6", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] } ], "datePublic": "2022-08-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Spoofing Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Spoofing", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-20T21:27:59.001Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET Spoofing Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716" } ], "title": ".NET Spoofing Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-34716", "datePublished": "2022-08-09T19:55:43", "dateReserved": "2022-06-27T00:00:00", "dateUpdated": "2024-08-03T09:15:16.112Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-29117
Vulnerability from cvelistv5
Published
2022-05-10 20:34
Modified
2024-08-03 06:10
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.5 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:10:59.422Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.5", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.25", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.17", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.10", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.21", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.1", "vendor": "Microsoft", "versions": [ { "lessThan": "17.1.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.14", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] } ], "datePublic": "2022-05-10T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:27:38.581Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-29117", "datePublished": "2022-05-10T20:34:23", "dateReserved": "2022-04-12T00:00:00", "dateUpdated": "2024-08-03T06:10:59.422Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30184
Vulnerability from cvelistv5
Published
2022-06-15 21:52
Modified
2024-09-10 15:57
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.6 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:40:47.782Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184" }, { "name": "FEDORA-2022-cd37732349", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/" }, { "name": "FEDORA-2022-5508547b1e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.26", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.22", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2019 for Mac version 8.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.2", "status": "affected", "version": "8.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.16", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.11", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.4", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:nuget:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "NuGet.exe", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.0", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2022 for Mac version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.2", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-06-14T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-10T15:57:25.636Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184" }, { "name": "FEDORA-2022-cd37732349", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/" }, { "name": "FEDORA-2022-5508547b1e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/" } ], "title": ".NET and Visual Studio Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-30184", "datePublished": "2022-06-15T21:52:20", "dateReserved": "2022-05-03T00:00:00", "dateUpdated": "2024-09-10T15:57:25.636Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-33128
Vulnerability from cvelistv5
Published
2023-06-13 23:26
Modified
2024-08-02 15:39
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33128 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.18 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-33128", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-08T14:18:33.333686Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-08T14:18:51.143Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T15:39:35.239Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33128" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.18", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.7", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.22", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.16", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.8", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.3", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.3", "vendor": "Microsoft", "versions": [ { "lessThan": "7.3.5", "status": "affected", "version": "7.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:22:22.547Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33128" } ], "title": ".NET and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-33128", "datePublished": "2023-06-13T23:26:22.949Z", "dateReserved": "2023-05-17T21:16:44.895Z", "dateUpdated": "2024-08-02T15:39:35.239Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35390
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.18 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-35390", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-04T01:21:48.088404Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:18:41.198Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.883Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35390" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWVZFKTLNMNKPZ755EMRYIA6GHFOWGKY/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.18", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.10", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.6", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.21", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.10", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-77", "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:33:04.938Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35390" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWVZFKTLNMNKPZ755EMRYIA6GHFOWGKY/" } ], "title": ".NET and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35390", "datePublished": "2023-08-08T17:08:54.243Z", "dateReserved": "2023-06-14T23:09:47.639Z", "dateUpdated": "2024-08-02T16:23:59.883Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-29145
Vulnerability from cvelistv5
Published
2022-05-10 20:34
Modified
2024-08-03 06:10
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29145 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.5 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:10:59.448Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29145" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.5", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.25", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.17", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.1", "vendor": "Microsoft", "versions": [ { "lessThan": "17.1.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.21", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.10", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.14", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] } ], "datePublic": "2022-05-10T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:27:48.275Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29145" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-29145", "datePublished": "2022-05-10T20:34:56", "dateReserved": "2022-04-12T00:00:00", "dateUpdated": "2024-08-03T06:10:59.448Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41089
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 12:35
Severity ?
EPSS score ?
Summary
.NET Framework Remote Code Execution Vulnerability
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.11 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:35:49.218Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41089" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.11", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.22", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.17", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.3", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.12", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.32", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.1", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.9", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.3", "vendor": "Microsoft", "versions": [ { "lessThan": "7.3.2", "status": "affected", "version": "7.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)", "Windows 8.1 for 32-bit systems", "Windows Server 2016", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2012", "Windows Server 2016 (Server Core installation)", "Windows 7 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows 7 for 32-bit Systems Service Pack 1", "Windows Server 2012 R2 (Server Core installation)", "Windows RT 8.1", "Windows 10 Version 1607 for 32-bit Systems", "Windows 8.1 for x64-based systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 22H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "04590.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4590.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "04590.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "04590.04", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 21H1 for ARM64-based Systems", "Windows 10 Version 21H1 for x64-based Systems", "Windows 10 Version 21H1 for 32-bit Systems", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 20H2 for 32-bit Systems", "Windows 10 Version 20H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "04590.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "04590.04", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4590.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019 (Server Core installation)", "Windows Server 2019", "Windows 10 Version 1809 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "04010.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "04590.02", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H1 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H1 for 32-bit Systems", "Windows 10 Version 20H2 for ARM64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 10 Version 21H1 for x64-based Systems", "Windows 10 Version 20H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "09115.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "9115.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "04590.04", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "30729.8953", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "30729.8953", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 8.1 for x64-based systems", "Windows 8.1 for 32-bit systems", "Windows Server 2012 R2", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "30729.8953", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows 7 for 32-bit Systems Service Pack 1", "Windows 7 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "30729.8953", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 7 for 32-bit Systems Service Pack 1", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)", "Windows 8.1 for 32-bit systems", "Windows 7 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows RT 8.1", "Windows 8.1 for x64-based systems" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "04010.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4010.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "04590.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "04010.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "30729.8953", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "04010.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "04010.03", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for x64-based Systems", "Windows 10 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.6/4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.19624", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-12-13T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Framework Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T13:57:58.533Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41089" } ], "title": ".NET Framework Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-41089", "datePublished": "2022-12-13T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:35:49.218Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-0057
Vulnerability from cvelistv5
Published
2024-01-09 17:56
Modified
2024-10-08 15:39
Severity ?
EPSS score ?
Summary
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 8.0 |
Version: 1.0.0 < 8.0.1 cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:41:15.867Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240208-0007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.1", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.15", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.26", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.34", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.4", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:nuget:5.11.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "NuGet 5.11.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.11.6.0", "status": "affected", "version": "5.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:nuget:17.4.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "NuGet 17.4.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.3.0", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:nuget:17.6.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "NUGET 17.6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.2.0", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:nuget:17.8.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "NuGet 17.8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.1.0", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.18", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.3", "vendor": "Microsoft", "versions": [ { "lessThan": "7.3.11", "status": "affected", "version": "7.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.2", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04690.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04690.01", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04690.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)", "Windows Server 2016" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04081.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "10.0.14393.6614", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04081.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04081.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "3.0.50727.8976", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows 11 Version 23H2 for x64-based Systems", "Windows Server 2022, 23H2 Edition (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09214.01", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.50727.8976", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.50727.8976", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] } ], "datePublic": "2024-01-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-08T15:39:52.262Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057" } ], "title": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-0057", "datePublished": "2024-01-09T17:56:59.552Z", "dateReserved": "2023-11-22T17:43:37.319Z", "dateUpdated": "2024-10-08T15:39:52.262Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-24936
Vulnerability from cvelistv5
Published
2023-06-14 14:52
Modified
2024-08-02 11:11
Severity ?
EPSS score ?
Summary
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.16 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-24936", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T14:48:19.526051Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:21:22.183Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T11:11:43.705Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.16", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.22", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.8", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.18", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.7", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.3", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.3", "vendor": "Microsoft", "versions": [ { "lessThan": "7.3.5", "status": "affected", "version": "7.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2016 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2012 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2012 R2", "Windows Server 2016" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2022 (Server Core installation)", "Windows Server 2022", "Windows Server 2019", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019", "Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.5989", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012 R2", "Windows Server 2012", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04043.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022 (Server Core installation)", "Windows Server 2022", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.9166.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for 32-bit Systems Service Pack 2" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04043.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.19983", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.6920.8954; 2.0.50727.8970", "status": "affected", "version": "2.0.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.6920.8954; 2.0.50727.8970", "status": "affected", "version": "3.0.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.6920.8954; 2.0.50727.8970", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 R2" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.6920.8954; 2.0.50727.8970", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:21:46.957Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936" } ], "title": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-24936", "datePublished": "2023-06-14T14:52:19.301Z", "dateReserved": "2023-01-31T20:37:47.257Z", "dateUpdated": "2024-08-02T11:11:43.705Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35391
Vulnerability from cvelistv5
Published
2023-08-08 18:52
Modified
2024-09-11 18:57
Severity ?
EPSS score ?
Summary
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35391 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.18 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.717Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35391" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-35391", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-11T18:55:14.681715Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T18:57:48.798Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.18", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.10", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.6", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ASP.NET Core 2.1", "vendor": "Microsoft", "versions": [ { "lessThan": "2.1.40", "status": "affected", "version": "2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.21", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.10", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:33:05.429Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35391" } ], "title": "ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35391", "datePublished": "2023-08-08T18:52:30.105Z", "dateReserved": "2023-06-14T23:09:47.640Z", "dateUpdated": "2024-09-11T18:57:48.798Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36796
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.6 |
Version: 17.6.0 < 17.6.9 cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36796", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:14:53.378773Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:25:47.414Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.624Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.7.6", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.57", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.21", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.30", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.13", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40707.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27559.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.13", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.24", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2016", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.05", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6252", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04063.02", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022 (Server Core installation)", "Windows Server 2022", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09186.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.09186.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for x64-based Systems", "Windows 10 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20162", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-09-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:41:11.166Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36796", "datePublished": "2023-09-12T16:58:39.186Z", "dateReserved": "2023-06-27T15:11:59.873Z", "dateUpdated": "2024-08-02T17:01:09.624Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28260
Vulnerability from cvelistv5
Published
2023-04-11 19:13
Modified
2024-08-02 12:30
Severity ?
EPSS score ?
Summary
.NET DLL Hijacking Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28260 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.16 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:30:24.683Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET DLL Hijacking Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28260" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.16", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.5", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.5", "vendor": "Microsoft", "versions": [ { "lessThan": "17.5.4", "status": "affected", "version": "17.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.7", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.15", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.21", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.3", "vendor": "Microsoft", "versions": [ { "lessThan": "7.3.4", "status": "affected", "version": "7.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.11", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] } ], "datePublic": "2023-04-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET DLL Hijacking Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:56:35.458Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET DLL Hijacking Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28260" } ], "title": ".NET DLL Hijacking Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-28260", "datePublished": "2023-04-11T19:13:56.662Z", "dateReserved": "2023-03-13T22:18:32.391Z", "dateUpdated": "2024-08-02T12:30:24.683Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-21404
Vulnerability from cvelistv5
Published
2024-02-13 18:02
Modified
2024-10-09 01:49
Severity ?
EPSS score ?
Summary
.NET Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21404 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.27 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-21404", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-28T14:17:08.064098Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-28T14:17:14.300Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T22:20:40.452Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21404" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.27", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.16", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.2", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.16", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.12", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.7", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-02-13T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476: NULL Pointer Dereference", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:49:47.170Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21404" } ], "title": ".NET Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-21404", "datePublished": "2024-02-13T18:02:24.234Z", "dateReserved": "2023-12-08T22:45:21.298Z", "dateUpdated": "2024-10-09T01:49:47.170Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36799
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
.NET Core and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.24 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36799", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T16:23:47.132893Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:25:46.976Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.676Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET Core and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.24", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.13", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.21", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.13", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.14", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.3", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.14", "status": "affected", "version": "7.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-09-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Core and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:41:10.655Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET Core and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799" } ], "title": ".NET Core and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36799", "datePublished": "2023-09-12T16:58:38.681Z", "dateReserved": "2023-06-27T15:11:59.874Z", "dateUpdated": "2024-08-02T17:01:09.676Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29331
Vulnerability from cvelistv5
Published
2023-06-14 14:52
Modified
2024-08-02 14:07
Severity ?
EPSS score ?
Summary
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.18 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:45.647Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.18", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.7", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.22", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.16", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.8", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.3", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.3", "vendor": "Microsoft", "versions": [ { "lessThan": "7.3.5", "status": "affected", "version": "7.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012", "Windows Server 2016", "Windows Server 2012 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2012 R2", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.5989", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04043.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.9166.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04043.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.19983", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.6920.8954; 2.0.50727.8970", "status": "affected", "version": "2.0.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.6920.8954; 2.0.50727.8970", "status": "affected", "version": "3.0.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.6920.8954; 2.0.50727.8970", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.6920.8954; 2.0.50727.8970", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:21:59.804Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331" } ], "title": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-29331", "datePublished": "2023-06-14T14:52:19.830Z", "dateReserved": "2023-04-04T22:34:18.378Z", "dateUpdated": "2024-08-02T14:07:45.647Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-21986
Vulnerability from cvelistv5
Published
2022-02-09 16:36
Modified
2024-08-03 03:00
Severity ?
EPSS score ?
Summary
.NET Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8) |
Version: 15.0.0 < 16.9.17 cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:00:54.541Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.17", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.10", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.6", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2019 for Mac version 8.10", "vendor": "Microsoft", "versions": [ { "lessThan": "8.10.18", "status": "affected", "version": "8.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.14", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.2", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-02-08T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-21T00:41:26.052Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986" } ], "title": ".NET Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-21986", "datePublished": "2022-02-09T16:36:32", "dateReserved": "2021-12-16T00:00:00", "dateUpdated": "2024-08-03T03:00:54.541Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-38095
Vulnerability from cvelistv5
Published
2024-07-09 17:03
Modified
2024-12-10 19:15
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38095 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | PowerShell 7.4 |
Version: 7.4.0 < 7.4.4 |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-38095", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-09T20:02:27.324531Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-09T20:02:36.933Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T04:04:25.264Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38095" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.4", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.22", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.32", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.7", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.21", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.17", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.12", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4", "status": "affected", "version": "17.10", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:powershell:*:-:*:*:*:*:*:*", "versionEndExcluding": "7.4.4", "versionStartIncluding": "7.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.2.22", "versionStartIncluding": "7.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.0.32", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.7", "versionStartIncluding": "1.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.4.21", "versionStartIncluding": "17.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.17", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.12", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.4", "versionStartIncluding": "17.10", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-07-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T19:15:45.380Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38095" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-38095", "datePublished": "2024-07-09T17:03:24.803Z", "dateReserved": "2024-06-11T22:36:08.184Z", "dateUpdated": "2024-12-10T19:15:45.380Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24512
Vulnerability from cvelistv5
Published
2022-03-09 17:08
Modified
2024-08-03 04:13
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
Version: 16.0.0 < 16.7.26 cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:13:56.019Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.7.26", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.18", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.11", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.15", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.3", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.23", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.2", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.9", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.1", "vendor": "Microsoft", "versions": [ { "lessThan": "7.1.6", "status": "affected", "version": "7.1.0", "versionType": "custom" } ] } ], "datePublic": "2022-03-08T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-21T00:31:55.947Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512" } ], "title": ".NET and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-24512", "datePublished": "2022-03-09T17:08:15", "dateReserved": "2022-02-05T00:00:00", "dateUpdated": "2024-08-03T04:13:56.019Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36049
Vulnerability from cvelistv5
Published
2023-11-14 20:18
Modified
2024-08-02 16:37
Severity ?
EPSS score ?
Summary
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36049 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.22 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:37:41.336Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36049" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.22", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.14", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.7.7", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.10", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.0", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.25", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.14", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows 11 Version 23H2 for x64-based Systems", "Windows Server 2022, 23H2 Edition (Server Core installation)", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.9206.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4682.0", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.9206.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4682.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4076.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6452", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4076.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4076.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.6/4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20308", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.50727.8975", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.50727.8975", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.50727.8975", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.50727.8975", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-11-14T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.6, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:21:21.585Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36049" } ], "title": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36049", "datePublished": "2023-11-14T20:18:04.925Z", "dateReserved": "2023-06-20T20:44:39.829Z", "dateUpdated": "2024-08-02T16:37:41.336Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-38180
Vulnerability from cvelistv5
Published
2023-08-08 18:52
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | ASP.NET Core 2.1 |
Version: 2.0 < 2.1.40 cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-38180", "options": [ { "Exploitation": "active" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-24T20:42:20.831219Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2023-08-09", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-38180" }, "type": "kev" } } ], "providerMetadata": { "dateUpdated": "2024-07-24T20:42:51.964Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:30:14.113Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWVZFKTLNMNKPZ755EMRYIA6GHFOWGKY/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ASP.NET Core 2.1", "vendor": "Microsoft", "versions": [ { "lessThan": "2.1.40", "status": "affected", "version": "2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.21", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.10", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.18", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.10", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.6", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:33:06.993Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWVZFKTLNMNKPZ755EMRYIA6GHFOWGKY/" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-38180", "datePublished": "2023-08-08T18:52:31.790Z", "dateReserved": "2023-07-12T23:41:45.867Z", "dateUpdated": "2024-08-02T17:30:14.113Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-38081
Vulnerability from cvelistv5
Published
2024-07-09 17:03
Modified
2024-12-10 19:15
Severity ?
EPSS score ?
Summary
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38081 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.4 |
Version: 17.4.0 < 17.4.21 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-38081", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-09T18:00:51.956378Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-09T18:00:59.015Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T04:04:25.011Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38081" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.21", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.17", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.12", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.32", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4101.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4101.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows Server 2022, 23H2 Edition (Server Core installation)", "Windows 11 Version 23H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.1.9256.03", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.9256.03", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "10.0.25398.1009", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4101.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 4.6/4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20710", "status": "affected", "version": "10.0.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "2.0.50727.8977", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "2.0.50727.8977", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.5.30729.8972", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "3.5.30729.8971", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "3.5.4101.04", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.5.30729.8971", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 1607 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04739.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.4739.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.4739.03", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2022 (Server Core installation)", "Windows Server 2022", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4739.04", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.2.4101.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "10.0.14393.7159", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "10.0.10240.20710", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.4.21", "versionStartIncluding": "17.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.17", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.12", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.0.32", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.4101.02", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.1.9256.03", "versionStartIncluding": "4.8.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.4101.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.10240.20710", "versionStartIncluding": "10.0.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", "versionEndExcluding": "2.0.50727.8977", "versionStartIncluding": "2.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", "versionEndExcluding": "2.0.50727.8977", "versionStartIncluding": "3.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.5.30729.8972", "versionStartIncluding": "3.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.5.30729.8971", "versionStartIncluding": "3.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.04739.02", "versionStartIncluding": "4.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.4739.04", "versionStartIncluding": "4.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.2.4101.03", "versionStartIncluding": "4.7.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-07-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T19:15:42.731Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38081" } ], "title": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-38081", "datePublished": "2024-07-09T17:03:22.527Z", "dateReserved": "2024-06-11T22:36:08.182Z", "dateUpdated": "2024-12-10T19:15:42.731Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21808
Vulnerability from cvelistv5
Published
2023-02-14 20:09
Modified
2024-08-02 09:51
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) |
Version: 16.11.0 < 16.11.24 cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:51:50.928Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.24", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.19", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.52", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.5", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.13", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27555.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40700.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.3", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.14", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.10", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2022", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 20H2 for ARM64-based Systems", "Windows 10 Version 20H2 for 32-bit Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows Server 2022 (Server Core installation)", "Windows Server 2019", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.04614.06", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "10.0.4614.06", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "10.0.04614.05", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.04038.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "10.0.14393.5717", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04614.08", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04038.05", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04038.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04038.02", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04614.05", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04614.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.4614.08", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.4614.07", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022 (Server Core installation)", "Windows Server 2022", "Windows 10 Version 20H2 for 32-bit Systems", "Windows 10 Version 20H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 22H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.09139.02", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04038.06", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4038.05", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.19747", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] } ], "datePublic": "2023-02-14T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:05:18.735Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808" } ], "title": ".NET and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-21808", "datePublished": "2023-02-14T20:09:27.030Z", "dateReserved": "2022-12-16T22:13:41.241Z", "dateUpdated": "2024-08-02T09:51:50.928Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-38178
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
.NET Core and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38178 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.21 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-38178", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:24:24.810142Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:28:14.188Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:30:14.066Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET Core and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38178" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.21", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.18", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.10", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Core and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:33:07.502Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET Core and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38178" } ], "title": ".NET Core and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-38178", "datePublished": "2023-08-08T17:08:57.014Z", "dateReserved": "2023-07-12T23:41:45.865Z", "dateUpdated": "2024-08-02T17:30:14.066Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43483
Vulnerability from cvelistv5
Published
2024-10-08 17:35
Modified
2024-12-10 18:45
Severity ?
EPSS score ?
Summary
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43483 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | PowerShell 7.2 |
Version: 7.2.0 < 7.2.24 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43483", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T18:54:49.591134Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-09T19:48:38.422Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.24", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.6", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.20", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.15", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.8", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.5", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.10", "status": "affected", "version": "8.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.35", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04762.01", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04762.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04761.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04762.01", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04762.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04115.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows 11 Version 23H2 for x64-based Systems", "Windows Server 2022, 23H2 Edition (Server Core installation)", "Windows 11 Version 24H2 for ARM64-based Systems", "Windows 11 Version 24H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.1.9277.03", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.1.09277.02", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.109277.02", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04115.03", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 4.6/4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20796", "status": "affected", "version": "10.0.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8974", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8974", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.5.30729.8973", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "3.5.30729.8972", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "3.5.30729.8974", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "4.7.04115.01", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.5.1.30729.8974", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.2.24", "versionStartIncluding": "7.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:-:*:*:*:*:*:*", "versionEndExcluding": "7.4.6", "versionStartIncluding": "7.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.20", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.15", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.8", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.5", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.10", "versionStartIncluding": "8.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.0.35", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.04762.01", "versionStartIncluding": "4.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.04762.01", "versionStartIncluding": "4.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.1.9277.03", "versionStartIncluding": "4.8.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.10240.20796", "versionStartIncluding": "10.0.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", "versionEndExcluding": "3.0.30729.8974", "versionStartIncluding": "2.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", "versionEndExcluding": "3.0.30729.8974", "versionStartIncluding": "3.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.5.30729.8973", "versionStartIncluding": "3.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.5.1.30729.8974", "versionStartIncluding": "3.5.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-10-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-407", "description": "CWE-407: Inefficient Algorithmic Complexity", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T18:45:58.307Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43483" } ], "title": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43483", "datePublished": "2024-10-08T17:35:46.198Z", "dateReserved": "2024-08-14T01:08:33.518Z", "dateUpdated": "2024-12-10T18:45:58.307Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-33126
Vulnerability from cvelistv5
Published
2023-06-13 23:26
Modified
2024-08-02 15:39
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33126 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.18 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-33126", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-08T14:17:17.554630Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-08T14:17:47.264Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T15:39:35.835Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33126" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.18", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.7", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.16", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.22", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.8", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.3", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:22:21.995Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33126" } ], "title": ".NET and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-33126", "datePublished": "2023-06-13T23:26:22.404Z", "dateReserved": "2023-05-17T21:16:44.895Z", "dateUpdated": "2024-08-02T15:39:35.835Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-21319
Vulnerability from cvelistv5
Published
2024-01-09 18:59
Modified
2024-10-08 15:40
Severity ?
EPSS score ?
Summary
Microsoft Identity Denial of service vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21319 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.26 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T22:20:39.921Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Identity Denial of service vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21319" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.26", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.4", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.15", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.1", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:identitymodel_for_nuget:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Identity Model v6.0.0 forNuget", "vendor": "Microsoft", "versions": [ { "lessThan": "6.34.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:identitymodel_for_nuget:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Identity Model v7.0.0 for Nuget", "vendor": "Microsoft", "versions": [ { "lessThan": "7.1.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:identitymodel:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Identity Model v6.0.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.34.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:identitymodel:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Identity Model v5.0.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.7.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:identitymodel:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Identity Model v7.0.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.1.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:identitymodel_for_nuget:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Identity Model v5.0.0 for Nuget", "vendor": "Microsoft", "versions": [ { "lessThan": "5.7.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2024-01-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Identity Denial of service vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-08T15:40:06.745Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Identity Denial of service vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21319" } ], "title": "Microsoft Identity Denial of service vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-21319", "datePublished": "2024-01-09T18:59:01.270Z", "dateReserved": "2023-12-08T22:45:19.367Z", "dateUpdated": "2024-10-08T15:40:06.745Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43484
Vulnerability from cvelistv5
Published
2024-10-08 17:35
Modified
2024-12-10 18:45
Severity ?
EPSS score ?
Summary
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43484 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | PowerShell 7.2 |
Version: 7.2.0 < 7.2.24 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43484", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T18:54:47.769303Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-09T19:48:20.527Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.24", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.6", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.20", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.15", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.8", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.5", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.35", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.10", "status": "affected", "version": "8.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows Server 2019", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1607 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "10.0.14393.7428", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019", "Windows Server 2022", "Windows Server 2022 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04762.01", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04762.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2012", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 R2" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04115.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2022", "Windows 11 version 21H2 for x64-based Systems", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows 11 Version 23H2 for x64-based Systems", "Windows Server 2022, 23H2 Edition (Server Core installation)", "Windows 11 Version 24H2 for ARM64-based Systems", "Windows 11 Version 24H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.1.9277.03", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.1.09277.02", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.109277.02", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04115.03", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 for x64-based Systems", "Windows 10 for 32-bit Systems" ], "product": "Microsoft .NET Framework 4.6/4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20796", "status": "affected", "version": "10.0.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8974", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8974", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.5.30729.8973", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "3.5.30729.8972", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "3.5.30729.8974", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "4.7.04115.01", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.5.1.30729.8974", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2012", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2012 R2", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2016 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04762.01", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04762.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04761.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.2.24", "versionStartIncluding": "7.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:-:*:*:*:*:*:*", "versionEndExcluding": "7.4.6", "versionStartIncluding": "7.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.20", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.15", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.8", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.5", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.0.35", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.10", "versionStartIncluding": "8.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.04762.01", "versionStartIncluding": "4.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.1.9277.03", "versionStartIncluding": "4.8.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.10240.20796", "versionStartIncluding": "10.0.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", "versionEndExcluding": "3.0.30729.8974", "versionStartIncluding": "2.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", "versionEndExcluding": "3.0.30729.8974", "versionStartIncluding": "3.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.5.30729.8973", "versionStartIncluding": "3.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.5.1.30729.8974", "versionStartIncluding": "3.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.04762.01", "versionStartIncluding": "4.8.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-10-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-407", "description": "CWE-407: Inefficient Algorithmic Complexity", "lang": "en-US", "type": "CWE" }, { "cweId": "CWE-789", "description": "CWE-789: Memory Allocation with Excessive Size Value", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T18:45:58.837Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43484" } ], "title": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43484", "datePublished": "2024-10-08T17:35:46.715Z", "dateReserved": "2024-08-14T01:08:33.518Z", "dateUpdated": "2024-12-10T18:45:58.837Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21538
Vulnerability from cvelistv5
Published
2023-01-10 00:00
Modified
2024-08-02 09:44
Severity ?
EPSS score ?
Summary
.NET Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21538 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.13 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-21538", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-16T22:02:43.243536Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-16T22:02:48.609Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T09:44:01.057Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21538" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.13", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.9", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] } ], "datePublic": "2023-01-10T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T03:03:53.067Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21538" } ], "title": ".NET Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-21538", "datePublished": "2023-01-10T00:00:00", "dateReserved": "2022-12-01T00:00:00", "dateUpdated": "2024-08-02T09:44:01.057Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-24897
Vulnerability from cvelistv5
Published
2023-06-14 14:52
Modified
2024-09-27 19:43
Severity ?
EPSS score ?
Summary
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.55 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:11:43.453Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-24897", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-27T19:43:18.398305Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-27T19:43:32.943Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.55", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.16", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.27", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.22", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.8", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40700.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27555.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.7", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.18", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.3", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1809 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2012", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2016", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.5989", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04043.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.9166.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04043.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.19983", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:21:45.757Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897" } ], "title": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-24897", "datePublished": "2023-06-14T14:52:10.089Z", "dateReserved": "2023-01-31T20:32:35.472Z", "dateUpdated": "2024-09-27T19:43:32.943Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-33127
Vulnerability from cvelistv5
Published
2023-07-11 17:03
Modified
2024-08-02 15:39
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.20 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:39:35.413Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.20", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.9", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.23", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.17", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.9", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.5", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.13", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.3", "vendor": "Microsoft", "versions": [ { "lessThan": "7.3.6", "status": "affected", "version": "7.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-07-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1220", "description": "CWE-1220: Insufficient Granularity of Access Control", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:58:25.472Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127" } ], "title": ".NET and Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-33127", "datePublished": "2023-07-11T17:03:05.826Z", "dateReserved": "2023-05-17T21:16:44.895Z", "dateUpdated": "2024-08-02T15:39:35.413Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-33170
Vulnerability from cvelistv5
Published
2023-07-11 17:03
Modified
2024-08-02 15:39
Severity ?
EPSS score ?
Summary
ASP.NET and Visual Studio Security Feature Bypass Vulnerability
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.17 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:39:35.661Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ASP.NET and Visual Studio Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.17", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.23", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.9", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.5", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.20", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.9", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-07-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "ASP.NET and Visual Studio Security Feature Bypass Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-362", "description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:59:18.447Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "ASP.NET and Visual Studio Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR/" } ], "title": "ASP.NET and Visual Studio Security Feature Bypass Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-33170", "datePublished": "2023-07-11T17:03:13.113Z", "dateReserved": "2023-05-17T21:16:44.903Z", "dateUpdated": "2024-08-02T15:39:35.661Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-38013
Vulnerability from cvelistv5
Published
2022-09-13 00:00
Modified
2024-08-03 10:37
Severity ?
EPSS score ?
Summary
.NET Core and Visual Studio Denial of Service Vulnerability
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Visual Studio 2022 for Mac version 17.3 |
Version: 17.3 < 17.3.5 cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:macos:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:37:42.606Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013" }, { "name": "FEDORA-2022-980d492c98", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE/" }, { "name": "FEDORA-2022-847c67b3cd", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M/" }, { "name": "FEDORA-2022-d80b1d2827", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y/" }, { "name": "FEDORA-2022-34a610d9bf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG/" }, { "name": "FEDORA-2022-13046bb867", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2022 for Mac version 17.3", "vendor": "Microsoft", "versions": [ { "lessThan": "17.3.5", "status": "affected", "version": "17.3", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.3:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.3", "vendor": "Microsoft", "versions": [ { "lessThan": "17.3.4", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.29", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.9", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.19", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.25", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.14", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.8", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] } ], "datePublic": "2022-09-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Core and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:11:38.022Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013" }, { "name": "FEDORA-2022-980d492c98", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE/" }, { "name": "FEDORA-2022-847c67b3cd", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M/" }, { "name": "FEDORA-2022-d80b1d2827", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y/" }, { "name": "FEDORA-2022-34a610d9bf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG/" }, { "name": "FEDORA-2022-13046bb867", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY/" } ], "title": ".NET Core and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-38013", "datePublished": "2022-09-13T00:00:00", "dateReserved": "2022-08-08T00:00:00", "dateUpdated": "2024-08-03T10:37:42.606Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24464
Vulnerability from cvelistv5
Published
2022-03-09 17:07
Modified
2024-08-03 04:13
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.3 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:13:55.503Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.3", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.15", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.23", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.7.26", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.18", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.11", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-03-08T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-21T00:31:56.437Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-24464", "datePublished": "2022-03-09T17:07:46", "dateReserved": "2022-02-05T00:00:00", "dateUpdated": "2024-08-03T04:13:55.503Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36558
Vulnerability from cvelistv5
Published
2023-11-14 21:35
Modified
2024-08-02 16:52
Severity ?
EPSS score ?
Summary
ASP.NET Core - Security Feature Bypass Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36558 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.25 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36558", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-28T14:17:29.323763Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-28T14:17:40.113Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T16:52:52.402Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ASP.NET Core - Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36558" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.25", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:asp.net_core:6.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ASP.NET Core 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.25", "status": "affected", "version": "6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.14", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.22", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.0", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.14", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.10", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.7.7", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:asp.net_core:7.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ASP.NET Core 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.14", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:asp.net_core:8.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ASP.NET Core 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.0", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-11-14T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "ASP.NET Core - Security Feature Bypass Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Security Feature Bypass", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:21:10.813Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "ASP.NET Core - Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36558" } ], "title": "ASP.NET Core - Security Feature Bypass Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36558", "datePublished": "2023-11-14T21:35:31.499Z", "dateReserved": "2023-06-23T20:11:38.789Z", "dateUpdated": "2024-08-02T16:52:52.402Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23267
Vulnerability from cvelistv5
Published
2022-05-10 20:33
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET Core 3.1 |
Version: 3.1 < 3.1.25 cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:36:20.350Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.25", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.17", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.21", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2019 for Mac version 8.10", "vendor": "Microsoft", "versions": [ { "lessThan": "8.10.24", "status": "affected", "version": "8.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.14", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.10", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.5", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.1", "vendor": "Microsoft", "versions": [ { "lessThan": "17.1.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.11", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.4", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2022 for Mac version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.3", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-05-10T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:27:19.793Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-23267", "datePublished": "2022-05-10T20:33:32", "dateReserved": "2022-01-15T00:00:00", "dateUpdated": "2024-08-03T03:36:20.350Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }