CVE-2021-34532 ASP.NET Core and Visual Studio Information Disclosure Vulnerability

2021-08-1218:12:05

microsoft

www.cve.org

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.5%

JSON

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "ASP.NET Core 2.1",
    "cpes": [
      "cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "2.0",
        "lessThan": "2.1.29",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "ASP.NET Core 3.1",
    "cpes": [
      "cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "3.0",
        "lessThan": "3.1.18",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "ASP.NET Core 5.0",
    "cpes": [
      "cpe:2.3:a:microsoft:asp.net_core:5.0:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "5.0",
        "lessThan": "5.0.9",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "16.0",
        "lessThan": "16.4.25",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "16.0.0",
        "lessThan": "16.7.18",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "15.0.0",
        "lessThan": "16.9.10",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2019 version 16.10 (includes 16.0 - 16.9)",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "16.10.0",
        "lessThan": "16.10.5",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Visual Studio 2019 for Mac version 8.10",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "8.1.0",
        "lessThan": "8.10.7",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]