Lucene search
MicrosoftCVE-2024-29060HistoryJun 11, 2024 - 5:15 p.m.
CVE-2024-29060
2024-06-1117:15:51
CWE-284
microsoft
web.nvd.nist.gov
34
cve-2024-29060
elevation of privilege
visual studio
CVSS3
6.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
EPSS
0.001
Percentile
27.5%
Visual Studio Elevation of Privilege Vulnerability
Affected configurations
Node
microsoftvisual_studio_2017Range15.0–15.9.63
ORmicrosoftvisual_studio_2019Range16.0–16.11.37
ORmicrosoftvisual_studio_2022Range17.4–17.4.20
ORmicrosoftvisual_studio_2022Range17.6–17.6.16
ORmicrosoftvisual_studio_2022Range17.8–17.8.11
ORmicrosoftvisual_studio_2022Range17.10–17.10.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | visual_studio_2017 | * | cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
| microsoft | visual_studio_2019 | * | cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
| microsoft | visual_studio_2022 | * | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.10",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.10",
"lessThan": "17.10.2",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "15.9.0",
"lessThan": "15.9.63",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.11.0",
"lessThan": "16.11.37",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.4",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.4.0",
"lessThan": "17.4.20",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.6",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.6.0",
"lessThan": "17.6.16",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.8",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.8.0",
"lessThan": "17.8.11",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
mscve
mscve
Visual Studio Elevation of Privilege Vulnerability
2024-06-11 07:00:00
cvelist
cvelist
CVE-2024-29060 Visual Studio Elevation of Privilege Vulnerability
2024-06-11 16:59:48
vulnrichment
vulnrichment
CVE-2024-29060 Visual Studio Elevation of Privilege Vulnerability
2024-06-11 16:59:48
nvd
nvd
CVE-2024-29060
2024-06-11 17:15:51
kaspersky
kaspersky
KLA68912 Multiple vulnerabilities in Microsoft Developer Tools
2024-06-11 00:00:00
nessus
nessus
Security Updates for Microsoft Visual Studio Products (June 2024)
2024-06-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - June 2024
2024-06-11 19:43:48
CVSS3
6.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
EPSS
0.001
Percentile
27.5%
Related for CVE-2024-29060