Lucene search

[email protected]CVE-2021-24112

HistoryFeb 25, 2021 - 11:15 p.m.

CVE-2021-24112

2021-02-2523:15:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

190

.net

core

remote code execution

vulnerability

cve-2021-24112

nvd

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.5%

JSON

.NET Core Remote Code Execution Vulnerability

VendorProductVersionCPE
microsoftvisual_studio_2019*cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
microsoftmono_6.12.06.12.0cpe:2.3:a:microsoft:mono_6.12.0:6.12.0:*:*:*:*:*:*:*
microsoft.net_core_2.12.1cpe:2.3:a:microsoft:.net_core_2.1:2.1:*:*:*:*:*:*:*
microsoft.net_core_3.13.1cpe:2.3:a:microsoft:.net_core_3.1:3.1:*:*:*:*:*:*:*
microsoft.net_5.05.0.0cpe:2.3:a:microsoft:.net_5.0:5.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	visual_studio_2019	*	cpe:2.3:a:microsoft:visual_studio_2019::::::::
microsoft	mono_6.12.0	6.12.0	cpe:2.3:a:microsoft:mono_6.12.0:6.12.0:::::::*
microsoft	.net_core_2.1	2.1	cpe:2.3:a:microsoft:.net_core_2.1:2.1:::::::*
microsoft	.net_core_3.1	3.1	cpe:2.3:a:microsoft:.net_core_3.1:3.1:::::::*
microsoft	.net_5.0	5.0.0	cpe:2.3:a:microsoft:.net_5.0:5.0.0:::::::*