All the vulnerabilites related to Microsoft - Microsoft Visual Studio 2022 version 17.10
cve-2024-35272
Vulnerability from cvelistv5
Published
2024-07-09 17:02
Modified
2024-12-10 19:15
Severity ?
EPSS score ?
Summary
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35272 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-35272", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-09T18:38:18.225584Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-09T18:38:24.277Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T03:07:46.938Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35272" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.66", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.40", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.19", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.14", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.7", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.3", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2116.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "13.0.6441.1", "status": "affected", "version": "13.0.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack", "vendor": "Microsoft", "versions": [ { "lessThan": "13.0.7037.1", "status": "affected", "version": "13.0.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2017 (CU 31)", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.3471.2", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1121.4", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft SQL Server 2019 for x64-based Systems (CU 27)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4382.1", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft SQL Server 2022 for (CU 13)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4131.2", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", "versionEndExcluding": "15.9.66", "versionStartIncluding": "15.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "16.11.40", "versionStartIncluding": "16.11.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.19", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.14", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.7", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.3", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:*:*:*:*:*:x64:*", "versionEndExcluding": "15.0.2116.2", "versionStartIncluding": "15.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:sp3:*:*:*:*:x64:*", "versionEndExcluding": "13.0.6441.1", "versionStartIncluding": "13.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:sp3:*:*:*:*:x64:*", "versionEndExcluding": "13.0.7037.1", "versionStartIncluding": "13.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:-:*:*:*:*:x64:*", "versionEndExcluding": "14.0.3471.2", "versionStartIncluding": "14.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:*:*:*:*:*:x64:*", "versionEndExcluding": "16.0.1121.4", "versionStartIncluding": "16.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:*:*:*:*:*:x64:*", "versionEndExcluding": "15.0.4382.1", "versionStartIncluding": "15.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:*:*:*:*:*:x64:*", "versionEndExcluding": "16.0.4131.2", "versionStartIncluding": "16.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-07-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T19:15:07.508Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35272" } ], "title": "SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-35272", "datePublished": "2024-07-09T17:02:44.609Z", "dateReserved": "2024-05-14T20:14:47.415Z", "dateUpdated": "2024-12-10T19:15:07.508Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43590
Vulnerability from cvelistv5
Published
2024-10-08 17:36
Modified
2024-12-10 18:46
Severity ?
EPSS score ?
Summary
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43590 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Visual C++ Redistributable Installer |
Version: 10.0.0 < 14.40.33816 |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43590", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T18:34:14.182011Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T18:34:32.825Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "Visual C++ Redistributable Installer", "vendor": "Microsoft", "versions": [ { "lessThan": "14.40.33816", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.67", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.41", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.20", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.15", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.8", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.5", "status": "affected", "version": "17.11", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:visual_c_plus_plus_redistributable_installer:*:*:*:*:*:*:*:*", "versionEndExcluding": "14.40.33816", "versionStartIncluding": "10.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", "versionEndExcluding": "15.9.67", "versionStartIncluding": "15.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "16.11.41", "versionStartIncluding": "16.11.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.20", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.15", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.8", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.5", "versionStartIncluding": "17.11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-10-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual C++ Redistributable Installer Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T18:46:23.393Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual C++ Redistributable Installer Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43590" } ], "title": "Visual C++ Redistributable Installer Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43590", "datePublished": "2024-10-08T17:36:14.169Z", "dateReserved": "2024-08-14T01:08:33.548Z", "dateUpdated": "2024-12-10T18:46:23.393Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43485
Vulnerability from cvelistv5
Published
2024-10-08 17:35
Modified
2024-12-10 18:45
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43485 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | PowerShell 7.2 |
Version: 7.2.0 < 7.2.24 |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43485", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T18:54:45.795602Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-09T19:47:57.831Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.24", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.6", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.20", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.15", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.8", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.5", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.10", "status": "affected", "version": "8.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.35", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.2.24", "versionStartIncluding": "7.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:-:*:*:*:*:*:*", "versionEndExcluding": "7.4.6", "versionStartIncluding": "7.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.20", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.15", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.8", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.5", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.10", "versionStartIncluding": "8.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.0.35", "versionStartIncluding": "6.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-10-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-407", "description": "CWE-407: Inefficient Algorithmic Complexity", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T18:45:59.353Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43485" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43485", "datePublished": "2024-10-08T17:35:47.290Z", "dateReserved": "2024-08-14T01:08:33.518Z", "dateUpdated": "2024-12-10T18:45:59.353Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43603
Vulnerability from cvelistv5
Published
2024-10-08 17:36
Modified
2024-12-10 18:46
Severity ?
EPSS score ?
Summary
Visual Studio Collector Service Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43603 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.11 |
Version: 17.11 < 17.11.5 |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43603", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T18:35:39.922024Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T19:27:12.025Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.5", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.67", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.41", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.20", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.15", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.8", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27561.00", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.5", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", "versionEndExcluding": "15.9.67", "versionStartIncluding": "15.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "16.11.41", "versionStartIncluding": "16.11.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.20", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.15", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.8", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:update3:*:*:*:*:*:*", "versionEndExcluding": "14.0.27561.00", "versionStartIncluding": "14.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-10-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Collector Service Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T18:46:26.201Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Collector Service Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43603" } ], "title": "Visual Studio Collector Service Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43603", "datePublished": "2024-10-08T17:36:17.098Z", "dateReserved": "2024-08-14T01:08:33.551Z", "dateUpdated": "2024-12-10T18:46:26.201Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43499
Vulnerability from cvelistv5
Published
2024-11-12 17:53
Modified
2024-12-10 16:41
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43499 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.6 |
Version: 17.6.0 < 17.6.21 |
||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43499", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T16:28:19.318382Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-13T16:28:33.031Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.21", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.9", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.16", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.6", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 9.0", "vendor": "Microsoft", "versions": [ { "lessThan": "9.0.0", "status": "affected", "version": "9.0.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.21", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.9", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.16", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.6", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "9.0.0", "versionStartIncluding": "9.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-11-12T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-409", "description": "CWE-409: Improper Handling of Highly Compressed Data (Data Amplification)", "lang": "en-US", "type": "CWE" }, { "cweId": "CWE-606", "description": "CWE-606: Unchecked Input for Loop Condition", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T16:41:07.019Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43499" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43499", "datePublished": "2024-11-12T17:53:35.848Z", "dateReserved": "2024-08-14T01:08:33.522Z", "dateUpdated": "2024-12-10T16:41:07.019Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-49044
Vulnerability from cvelistv5
Published
2024-11-12 17:53
Modified
2024-12-10 16:41
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49044 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.6 |
Version: 17.6.0 < 17.6.21 |
||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49044", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T04:55:44.267016Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-09T17:40:36.462Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.21", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.16", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.9", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.6", "status": "affected", "version": "17.11", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.21", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.16", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.9", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.6", "versionStartIncluding": "17.11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-11-12T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T16:41:26.196Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49044" } ], "title": "Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-49044", "datePublished": "2024-11-12T17:53:55.992Z", "dateReserved": "2024-10-11T20:57:49.187Z", "dateUpdated": "2024-12-10T16:41:26.196Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-38167
Vulnerability from cvelistv5
Published
2024-08-13 17:29
Modified
2024-10-16 01:53
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38167 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.10 |
Version: 17.10 < 17.10.6 cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-38167", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-14T14:59:50.642718Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-14T15:00:19.345Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.13", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.8", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.18", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] } ], "datePublic": "2024-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "CWE-319: Cleartext Transmission of Sensitive Information", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-16T01:53:13.849Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38167" } ], "title": ".NET and Visual Studio Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-38167", "datePublished": "2024-08-13T17:29:48.525Z", "dateReserved": "2024-06-11T22:36:08.212Z", "dateUpdated": "2024-10-16T01:53:13.849Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30052
Vulnerability from cvelistv5
Published
2024-06-11 17:00
Modified
2024-08-02 01:25
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30052 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.63 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-30052", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T18:40:08.702742Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T18:40:17.085Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:25:02.976Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30052" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.63", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.37", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.20", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.16", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.11", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.2", "status": "affected", "version": "17.10", "versionType": "custom" } ] } ], "datePublic": "2024-06-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-693", "description": "CWE-693: Protection Mechanism Failure", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T21:13:46.822Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30052" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-30052", "datePublished": "2024-06-11T17:00:10.658Z", "dateReserved": "2024-03-22T23:12:13.409Z", "dateUpdated": "2024-08-02T01:25:02.976Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-29060
Vulnerability from cvelistv5
Published
2024-06-11 16:59
Modified
2024-08-02 01:03
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29060 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.10 |
Version: 17.10 < 17.10.2 cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-29060", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T18:59:22.420493Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T18:59:37.398Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.658Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29060" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.2", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.63", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.37", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.20", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.16", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.11", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-06-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T21:13:25.945Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29060" } ], "title": "Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-29060", "datePublished": "2024-06-11T16:59:48.371Z", "dateReserved": "2024-03-14T23:05:27.954Z", "dateUpdated": "2024-08-02T01:03:51.658Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-38229
Vulnerability from cvelistv5
Published
2024-10-08 17:35
Modified
2024-12-10 18:45
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38229 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.6 |
Version: 17.6.0 < 17.6.20 |
||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-38229", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T18:55:00.476544Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T18:55:12.358Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.20", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.15", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.8", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.10", "status": "affected", "version": "8.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.5", "status": "affected", "version": "17.11", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.20", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.15", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.8", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.10", "versionStartIncluding": "8.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.5", "versionStartIncluding": "17.11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-10-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T18:45:25.538Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38229" } ], "title": ".NET and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-38229", "datePublished": "2024-10-08T17:35:16.768Z", "dateReserved": "2024-06-11T22:36:08.227Z", "dateUpdated": "2024-12-10T18:45:25.538Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43483
Vulnerability from cvelistv5
Published
2024-10-08 17:35
Modified
2024-12-10 18:45
Severity ?
EPSS score ?
Summary
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43483 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | PowerShell 7.2 |
Version: 7.2.0 < 7.2.24 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43483", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T18:54:49.591134Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-09T19:48:38.422Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.24", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.6", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.20", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.15", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.8", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.5", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.10", "status": "affected", "version": "8.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.35", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04762.01", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04762.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04761.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04762.01", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04762.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04115.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows 11 Version 23H2 for x64-based Systems", "Windows Server 2022, 23H2 Edition (Server Core installation)", "Windows 11 Version 24H2 for ARM64-based Systems", "Windows 11 Version 24H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.1.9277.03", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.1.09277.02", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.109277.02", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04115.03", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 4.6/4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20796", "status": "affected", "version": "10.0.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8974", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8974", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.5.30729.8973", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "3.5.30729.8972", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "3.5.30729.8974", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "4.7.04115.01", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.5.1.30729.8974", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.2.24", "versionStartIncluding": "7.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:-:*:*:*:*:*:*", "versionEndExcluding": "7.4.6", "versionStartIncluding": "7.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.20", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.15", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.8", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.5", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.10", "versionStartIncluding": "8.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.0.35", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.04762.01", "versionStartIncluding": "4.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.04762.01", "versionStartIncluding": "4.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.1.9277.03", "versionStartIncluding": "4.8.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.10240.20796", "versionStartIncluding": "10.0.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", "versionEndExcluding": "3.0.30729.8974", "versionStartIncluding": "2.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", "versionEndExcluding": "3.0.30729.8974", "versionStartIncluding": "3.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.5.30729.8973", "versionStartIncluding": "3.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.5.1.30729.8974", "versionStartIncluding": "3.5.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-10-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-407", "description": "CWE-407: Inefficient Algorithmic Complexity", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T18:45:58.307Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43483" } ], "title": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43483", "datePublished": "2024-10-08T17:35:46.198Z", "dateReserved": "2024-08-14T01:08:33.518Z", "dateUpdated": "2024-12-10T18:45:58.307Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-38168
Vulnerability from cvelistv5
Published
2024-08-13 17:29
Modified
2024-10-16 01:53
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38168 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 8.0 |
Version: 1.0.0 < 8.0.8 cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-38168", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-15T14:23:57.648145Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-15T14:24:10.618Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.8", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.18", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.13", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-16T01:53:14.342Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38168" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-38168", "datePublished": "2024-08-13T17:29:49.113Z", "dateReserved": "2024-06-11T22:36:08.212Z", "dateUpdated": "2024-10-16T01:53:14.342Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43484
Vulnerability from cvelistv5
Published
2024-10-08 17:35
Modified
2024-12-10 18:45
Severity ?
EPSS score ?
Summary
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43484 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | PowerShell 7.2 |
Version: 7.2.0 < 7.2.24 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43484", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T18:54:47.769303Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-09T19:48:20.527Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.24", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.6", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.20", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.15", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.8", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.5", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.35", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.10", "status": "affected", "version": "8.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows Server 2019", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1607 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "10.0.14393.7428", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019", "Windows Server 2022", "Windows Server 2022 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04762.01", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04762.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2012", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 R2" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04115.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2022", "Windows 11 version 21H2 for x64-based Systems", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows 11 Version 23H2 for x64-based Systems", "Windows Server 2022, 23H2 Edition (Server Core installation)", "Windows 11 Version 24H2 for ARM64-based Systems", "Windows 11 Version 24H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.1.9277.03", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.1.09277.02", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.109277.02", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04115.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04115.03", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "platforms": [ "Windows 10 for x64-based Systems", "Windows 10 for 32-bit Systems" ], "product": "Microsoft .NET Framework 4.6/4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20796", "status": "affected", "version": "10.0.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8974", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8974", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.5.30729.8973", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "3.5.30729.8972", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "3.5.30729.8974", "status": "affected", "version": "3.5.0", "versionType": "custom" }, { "lessThan": "4.7.04115.01", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.5.1.30729.8974", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "platforms": [ "Windows Server 2012", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2012 R2", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2016 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04762.01", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04762.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04761.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.2.24", "versionStartIncluding": "7.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:-:*:*:*:*:*:*", "versionEndExcluding": "7.4.6", "versionStartIncluding": "7.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.20", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.15", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.8", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.5", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.0.35", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.10", "versionStartIncluding": "8.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.04762.01", "versionStartIncluding": "4.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.1.9277.03", "versionStartIncluding": "4.8.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.7.04115.01", "versionStartIncluding": "4.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*", "versionEndExcluding": "10.0.10240.20796", "versionStartIncluding": "10.0.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", "versionEndExcluding": "3.0.30729.8974", "versionStartIncluding": "2.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", "versionEndExcluding": "3.0.30729.8974", "versionStartIncluding": "3.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.5.30729.8973", "versionStartIncluding": "3.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.5.1.30729.8974", "versionStartIncluding": "3.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.04762.01", "versionStartIncluding": "4.8.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-10-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-407", "description": "CWE-407: Inefficient Algorithmic Complexity", "lang": "en-US", "type": "CWE" }, { "cweId": "CWE-789", "description": "CWE-789: Memory Allocation with Excessive Size Value", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T18:45:58.837Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43484" } ], "title": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43484", "datePublished": "2024-10-08T17:35:46.715Z", "dateReserved": "2024-08-14T01:08:33.518Z", "dateUpdated": "2024-12-10T18:45:58.837Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43498
Vulnerability from cvelistv5
Published
2024-11-12 17:53
Modified
2024-12-10 16:41
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43498 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.8 |
Version: 17.8.0 < 17.8.16 |
||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43498", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T20:11:42.647690Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-13T20:11:59.384Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.16", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.21", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.9", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.6", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 9.0", "vendor": "Microsoft", "versions": [ { "lessThan": "9.0.0", "status": "affected", "version": "9.0.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.16", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.21", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.9", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.6", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "9.0.0", "versionStartIncluding": "9.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-11-12T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-843", "description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T16:41:31.729Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43498" } ], "title": ".NET and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43498", "datePublished": "2024-11-12T17:53:58.782Z", "dateReserved": "2024-08-14T01:08:33.521Z", "dateUpdated": "2024-12-10T16:41:31.729Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-38095
Vulnerability from cvelistv5
Published
2024-07-09 17:03
Modified
2024-12-10 19:15
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38095 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | PowerShell 7.4 |
Version: 7.4.0 < 7.4.4 |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-38095", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-09T20:02:27.324531Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-09T20:02:36.933Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T04:04:25.264Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38095" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.4", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.22", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.32", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.7", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.21", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.17", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.12", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4", "status": "affected", "version": "17.10", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:powershell:*:-:*:*:*:*:*:*", "versionEndExcluding": "7.4.4", "versionStartIncluding": "7.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", "versionEndExcluding": "7.2.22", "versionStartIncluding": "7.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.0.32", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.7", "versionStartIncluding": "1.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.4.21", "versionStartIncluding": "17.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.17", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.12", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.4", "versionStartIncluding": "17.10", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-07-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T19:15:45.380Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38095" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-38095", "datePublished": "2024-07-09T17:03:24.803Z", "dateReserved": "2024-06-11T22:36:08.184Z", "dateUpdated": "2024-12-10T19:15:45.380Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30105
Vulnerability from cvelistv5
Published
2024-07-09 17:02
Modified
2024-12-10 19:15
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30105 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 8.0 |
Version: 1.0.0 < 8.0.7 |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-30105", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-10T15:05:16.271423Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-10T15:05:25.429Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:25:03.130Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET Core and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30105" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.7", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.4", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.21", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.17", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.12", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.7", "versionStartIncluding": "1.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:powershell:*:-:*:*:*:*:*:*", "versionEndExcluding": "7.4.4", "versionStartIncluding": "7.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.4.21", "versionStartIncluding": "17.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.17", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.4", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.12", "versionStartIncluding": "17.8.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-07-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T19:15:04.964Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30105" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-30105", "datePublished": "2024-07-09T17:02:41.777Z", "dateReserved": "2024-03-22T23:12:15.573Z", "dateUpdated": "2024-12-10T19:15:04.964Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-35264
Vulnerability from cvelistv5
Published
2024-07-09 17:02
Modified
2024-10-08 16:13
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35264 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 8.0 |
Version: 1.0.0 < 8.0.7 cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-35264", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-09T18:13:39.190149Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-10T16:35:29.446Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T03:07:46.880Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35264" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.7", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.21", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.12", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.17", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] } ], "datePublic": "2024-07-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-08T16:13:46.327Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35264" } ], "title": ".NET and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-35264", "datePublished": "2024-07-09T17:02:10.148Z", "dateReserved": "2024-05-14T20:14:47.413Z", "dateUpdated": "2024-10-08T16:13:46.327Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }