Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA12563
HistoryJun 14, 2022 - 12:00 a.m.

KLA12563 OSI vulnerability in Microsoft Developer Tools

2022-06-1400:00:00
Kaspersky Lab
threats.kaspersky.com
14

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

65.8%

JSON

Detect date:

06/14/2022

Severity:

High

Description:

Information disclosure vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to obtain sensitive information.

Affected products:

Microsoft Visual Studio 2022 version 17.0
Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
Microsoft Visual Studio 2022 version 17.2
Visual Studio 2022 for Mac version 17.0
.NET Core 3.1
.NET 6.0
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Visual Studio 2019 for Mac version 8.10
NuGet.exe

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2022-30184

Impacts:

OSI

Related products:

Microsoft Visual Studio

KB list:

5015429
5015424

Related

redhat 5
mskb 2
github 1
prion 1
fedora 2
osv 5
nessus 14
oraclelinux 3
openvas 3
veracode 1
redhatcve 1
mscve 1
rocky 2
alpinelinux 1
cve 1
altlinux 5
ics 1
ibm 1
rapid7blog 1
redhat
redhat
(RHSA-2022:5047) Moderate: .NET 6.0 on RHEL 7 security and bugfix update
2022-06-15 07:46:52
(RHSA-2022:5062) Moderate: .NET Core 3.1 on RHEL 7 security and bugfix update
2022-06-15 14:51:04
(RHSA-2022:5050) Moderate: .NET 6.0 security and bugfix update
2022-06-15 07:48:09
mskb
mskb
.NET 6.0 Update: June 14, 2022 (KB5015429)
2022-06-14 07:00:00
.NET Core 3.1 Update: June 14, 2022 (KB5015424)
2022-06-14 07:00:00
github
github
Potential leak of NuGet.org API key
2022-06-14 21:57:52
prion
prion
Information disclosure
2022-06-15 22:15:00
fedora
fedora
[SECURITY] Fedora 35 Update: dotnet3.1-3.1.420-1.fc35
2022-07-07 01:18:12
[SECURITY] Fedora 36 Update: dotnet3.1-3.1.420-1.fc36
2022-07-07 01:16:29
osv
osv
BIT-dotnet-sdk-2022-30184
2024-03-06 10:57:55
Moderate: .NET 6.0 security and bugfix update
2022-06-15 07:46:48
Potential leak of NuGet.org API key
2022-06-14 21:57:52
nessus
nessus
RHEL 9 : .NET 6.0 (RHSA-2022:5050)
2022-06-16 00:00:00
RHEL 7 : .NET Core 3.1 on RHEL 7 (RHSA-2022:5062)
2022-06-16 00:00:00
Rocky Linux 8 : .NET Core 3.1 (RLSA-2022:5061)
2022-07-08 00:00:00
oraclelinux
oraclelinux
.NET Core 3.1 security and bugfix update
2022-06-15 00:00:00
.NET 6.0 security and bugfix update
2022-06-30 00:00:00
.NET 6.0 security and bugfix update
2022-06-16 00:00:00
openvas
openvas
.NET Core Information Disclosure Vulnerability (KB5015424)
2022-06-15 00:00:00
Fedora: Security Advisory for dotnet3.1 (FEDORA-2022-5508547b1e)
2022-07-08 00:00:00
Fedora: Security Advisory for dotnet3.1 (FEDORA-2022-cd37732349)
2022-07-08 00:00:00
veracode
veracode
Information Disclosure
2022-06-15 05:58:53
redhatcve
redhatcve
CVE-2022-30184
2022-06-14 17:33:30
mscve
mscve
.NET and Visual Studio Information Disclosure Vulnerability
2022-06-14 07:00:00
rocky
rocky
.NET Core 3.1 security and bugfix update
2022-06-15 14:49:11
.NET 6.0 security and bugfix update
2022-06-15 07:46:48
alpinelinux
alpinelinux
CVE-2022-30184
2022-06-15 22:15:00
cve
cve
CVE-2022-30184
2022-06-15 22:15:00
altlinux
altlinux
Security fix for the ALT Linux 10 package dotnet-runtime-7.0 version 6.0.7-alt1
2022-08-05 00:00:00
Security fix for the ALT Linux 10 package dotnet-bootstrap-3.1 version 3.1.26-alt1
2023-02-20 00:00:00
Security fix for the ALT Linux 10 package dotnet-coreclr-3.1 version 3.1.26-alt1
2023-02-20 00:00:00
ics
ics
Siemens PNI
2023-11-16 12:00:00
ibm
ibm
Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak
2022-08-25 02:03:35
rapid7blog
rapid7blog
Patch Tuesday - June 2022
2022-06-14 19:37:50

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

65.8%

JSON
Related for KLA12563
redhat5mskb2github1prion1fedora2osv5nessus14oraclelinux3openvas3veracode1redhatcve1mscve1rocky2alpinelinux1cve1altlinux5ics1ibm1rapid7blog1