CVE-2024-21386 .NET Denial of Service Vulnerability

2024-02-1318:02:20

CWE-400

microsoft

www.cve.org

cve-2024-21386

.net

dos

vulnerability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

27.5%

JSON

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "ASP.NET Core 6.0",
    "cpes": [
      "cpe:2.3:a:microsoft:asp.net_core:6.0:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "6.0",
        "lessThan": "6.0.27",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "ASP.NET Core 7.0",
    "cpes": [
      "cpe:2.3:a:microsoft:asp.net_core:7.0:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "7.0.0",
        "lessThan": "7.0.16",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "ASP.NET Core 8.0",
    "cpes": [
      "cpe:2.3:a:microsoft:asp.net_core:8.0:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0.0",
        "lessThan": "8.0.2",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.4",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.4.0",
        "lessThan": "17.4.16",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.6",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.6.0",
        "lessThan": "17.6.12",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.8",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.8.0",
        "lessThan": "17.8.7",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]