Lucene search

CVE-2018-8171

🗓️ 11 Jul 2018 00:00:29Reported by microsoftType

"ASP.NET Security Feature Bypass Vulnerability in login attempts validation.

Reporter	Title	Published	Views	Family All 16
NVD	CVE-2018-8171	11 Jul 201800:29	–	nvd
Cvelist	CVE-2018-8171	11 Jul 201800:00	–	cvelist
Tenable Nessus	Security Updates for Microsoft .NET core and ASP.NET (Bypass) (July 2018)	13 Jul 201800:00	–	nessus
Tenable Nessus	Security Updates for Microsoft Visual Studio Products (July 2018)	12 Jul 201800:00	–	nessus
OSV	Security feature bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated	16 Oct 201819:56	–	osv
OSV	CVE-2018-8171	11 Jul 201800:29	–	osv
Symantec	Microsoft ASP.NET Core CVE-2018-8171 Security Bypass Vulnerability	10 Jul 201800:00	–	symantec
Prion	Security feature bypass	11 Jul 201800:29	–	prion
OpenVAS	Microsoft ASP.NET Core Security Feature Bypass Vulnerability (Jul 2018)	13 Jul 201800:00	–	openvas
Veracode	Brute Force Attacks	11 Jul 201812:35	–	veracode

Nvd

Vulners

Node

microsoft asp.net_coreMatch1.0

microsoft asp.net_coreMatch1.1

microsoft asp.net_coreMatch2.0

microsoft asp.net_model_view_controllerMatch5.2

microsoft asp.net_webpagesMatch3.2.3

[
  {
    "product": "ASP.NET",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Web Pages 3.2.3 on Microsoft Visual Studio 2013 Update 5"
      },
      {
        "status": "affected",
        "version": "Web Pages 3.2.3 on Microsoft Visual Studio 2015 Update 3"
      }
    ]
  },
  {
    "product": "ASP.NET Core",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "1.0"
      },
      {
        "status": "affected",
        "version": "1.1"
      },
      {
        "status": "affected",
        "version": "2.0"
      }
    ]
  },
  {
    "product": "ASP.NET MVC 5.2",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Microsoft Visual Studio 2013 Update 5"
      },
      {
        "status": "affected",
        "version": "Microsoft Visual Studio 2015 Update 3"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1041267
securityfocus	www.securityfocus.com/bid/104659
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8171

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

11 Jul 2018 00:29Current

7.3High risk

Vulners AI Score7.3

CVSS25

CVSS37.5

EPSS0.00558

CWE-287