Description
ASP.NET Security Feature Bypass Vulnerability
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
E
Unchanged
RL
O
RC
Changed
Affected products
- Microsoft / Microsoft .NET Framework 2.0 Service Pack 22.0.0 – 3.0.50727.8975
- Microsoft / Microsoft .NET Framework 3.0 Service Pack 23.0.0 – 3.0.50727.8975
- Microsoft / Microsoft .NET Framework 3.53.5.0 – 3.0.50727.8975
- Microsoft / Microsoft .NET Framework 3.5.13.5.0 – 3.0.50727.8975
- Microsoft / Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.23.0.0.0 – 10.0.14393.6452
- Microsoft / Microsoft .NET Framework 3.5 AND 4.6/4.6.210.0.0 – 10.0.10240.20308
- Microsoft / Microsoft .NET Framework 3.5 AND 4.7.24.7.0 – 4.7.4076.0
- Microsoft / Microsoft .NET Framework 3.5 AND 4.84.8.0 – 4.8.4682.0
- Microsoft / Microsoft .NET Framework 3.5 AND 4.8.14.8.1 – 4.8.9206.0
- Microsoft / Microsoft .NET Framework 4.6.24.7.0 – 4.7.4076.0
- Microsoft / Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.24.7.0 – 4.7.4076.0
- Microsoft / Microsoft .NET Framework 4.84.8.0 – 4.8.4682.0