Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA65128
HistoryMar 12, 2024 - 12:00 a.m.

KLA65128 Multiple vulnerabilities in Microsoft Developer Tools

2024-03-1200:00:00
Kaspersky Lab
threats.kaspersky.com
13
microsoft visual studio
developer tools
vulnerabilities
denial of service
privileges
security update
kb list
dos

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

17.6%

JSON

Detect date:

03/12/2024

Severity:

High

Description:

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges.

Affected products:

Microsoft Visual Studio 2022 version 17.6
Microsoft Visual Studio 2022 version 17.9
Microsoft Visual Studio 2022 version 17.4
.NET 8.0
Visual Studio Code
Microsoft Visual Studio 2022 version 17.8
.NET 7.0

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2024-21392
CVE-2024-26190
CVE-2024-26165

Impacts:

DoS

Related products:

Microsoft Visual Studio

CVE-IDS:

CVE-2024-213927.5High
CVE-2024-261907.5High
CVE-2024-261658.8High

KB list:

5036452
5036451

Related

mskb 7
nessus 23
openvas 4
prion 3
redos 1
mscve 3
cve 3
github 2
alpinelinux 2
veracode 2
osv 9
ubuntucve 2
redhat 4
oraclelinux 4
rocky 2
almalinux 4
ubuntu 1
redhatcve 1
rapid7blog 1
kaspersky 1
mskb
mskb
.NET 7.0 Update - March 12, 2024 (KB5036451)
2024-03-12 07:00:00
.NET 8.0 Update - March 12, 2024 (KB5036452)
2024-03-12 07:00:00
March 12, 2024—KB5035854 (OS Build 22000.2836)
2024-03-12 07:00:00
nessus
nessus
Security Update for Microsoft .NET Core SDK (March 2024)
2024-03-13 00:00:00
Security Updates for Microsoft Visual Studio Products (March 2024)
2024-03-12 00:00:00
Security Update for Microsoft Visual Studio Code (March 2024)
2024-03-12 00:00:00
openvas
openvas
.NET Core Multiple Denial of Service Vulnerabilities (KB5036452)
2024-03-13 00:00:00
Ubuntu: Security Advisory (USN-6693-1)
2024-03-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5035854)
2024-03-13 00:00:00
prion
prion
Privilege escalation
2024-03-12 17:15:00
Denial of service
2024-03-12 17:15:00
Denial of service
2024-03-12 17:15:00
redos
redos
ROS-20240503-05
2024-05-03 00:00:00
mscve
mscve
Visual Studio Code Elevation of Privilege Vulnerability
2024-03-12 07:00:00
Microsoft QUIC Denial of Service Vulnerability
2024-03-12 07:00:00
.NET and Visual Studio Denial of Service Vulnerability
2024-03-12 07:00:00
cve
cve
CVE-2024-26165
2024-03-12 16:58:15
CVE-2024-26190
2024-03-12 16:57:52
CVE-2024-21392
2024-03-12 16:57:42
github
github
Remote Denial of Service Vulnerability in Microsoft QUIC
2024-03-13 17:14:43
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability
2024-03-12 20:07:59
alpinelinux
alpinelinux
CVE-2024-26190
2024-03-12 17:15:57
CVE-2024-21392
2024-03-12 17:15:49
veracode
veracode
Denial Of Service (DoS)
2024-03-14 07:36:39
Denial Of Service (DoS)
2024-03-13 11:21:31
osv
osv
Remote Denial of Service Vulnerability in Microsoft QUIC
2024-03-13 17:14:43
Moderate: .NET 8.0 security update
2024-03-13 00:00:00
dotnet7, dotnet8 vulnerability
2024-03-12 18:42:27
ubuntucve
ubuntucve
CVE-2024-26190
2024-03-12 00:00:00
CVE-2024-21392
2024-03-12 00:00:00
redhat
redhat
(RHSA-2024:1310) Moderate: .NET 8.0 security update
2024-03-13 11:46:37
(RHSA-2024:1311) Moderate: .NET 8.0 security update
2024-03-13 11:46:45
(RHSA-2024:1309) Moderate: .NET 7.0 security update
2024-03-13 11:46:28
oraclelinux
oraclelinux
.NET 7.0 security update
2024-03-14 00:00:00
.NET 7.0 security update
2024-03-15 00:00:00
.NET 8.0 security update
2024-03-14 00:00:00
rocky
rocky
.NET 7.0 security update
2024-03-27 04:34:32
.NET 8.0 security update
2024-03-27 04:34:32
almalinux
almalinux
Moderate: .NET 7.0 security update
2024-03-13 00:00:00
Moderate: .NET 7.0 security update
2024-03-13 00:00:00
Moderate: .NET 8.0 security update
2024-03-13 00:00:00
ubuntu
ubuntu
.NET vulnerability
2024-03-12 00:00:00
redhatcve
redhatcve
CVE-2024-21392
2024-03-13 12:12:41
rapid7blog
rapid7blog
Patch Tuesday - March 2024
2024-03-12 19:47:44
kaspersky
kaspersky
KLA65126 Multiple vulnerabilities in Microsoft Windows
2024-03-12 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

17.6%

JSON
Related for KLA65128
mskb7nessus23openvas4prion3redos1mscve3cve3github2alpinelinux2veracode2osv9ubuntucve2redhat4oraclelinux4rocky2almalinux4ubuntu1redhatcve1rapid7blog1kaspersky1