Lucene search

K
openvasCopyright (C) 2018 Greenbone AGOPENVAS:1361412562310812950
HistoryFeb 27, 2018 - 12:00 a.m.

ASP.NET Core Multiple Vulnerabilities - Windows

2018-02-2700:00:00
Copyright (C) 2018 Greenbone AG
plugins.openvas.org
37

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.4%

ASP.NET Core is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2018 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:microsoft:asp.net_core";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.812950");
  script_version("2024-02-15T05:05:40+0000");
  script_cve_id("CVE-2018-0785", "CVE-2018-0784");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"2024-02-15 05:05:40 +0000 (Thu, 15 Feb 2024)");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2019-10-03 00:03:00 +0000 (Thu, 03 Oct 2019)");
  script_tag(name:"creation_date", value:"2018-02-27 12:03:33 +0530 (Tue, 27 Feb 2018)");
  script_name("ASP.NET Core Multiple Vulnerabilities - Windows");

  script_tag(name:"summary", value:"ASP.NET Core is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws exist due to:

  - An error in the ASP.NET Core web application, created using vulnerable
    project templates, which fails to properly sanitize web requests.

  - An error in the individual authentication templates for ASP.NET Core.");

  script_tag(name:"impact", value:"Successful exploitation will allow an attacker
  who successfully exploited these vulnerabilities to change the recovery codes
  associated with the victim's user account without his/her consent.");

  script_tag(name:"affected", value:"ASP.NET Core 2.0 with .NET SDK version
  2.0.0, 2.0.2, 2.0.3, 2.1.2 and 2.1.3");

  script_tag(name:"solution", value:"Upgrade to ASP.NET Core 2.0 with .NET SDK
  version 2.1.4 or later.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"qod_type", value:"registry");

  script_xref(name:"URL", value:"https://github.com/aspnet/Announcements/issues/284");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/102379");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/102377");
  script_xref(name:"URL", value:"https://github.com/aspnet/Announcements/issues/285");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2018 Greenbone AG");
  script_family("Windows");
  script_dependencies("gb_asp_dotnet_core_detect_win.nasl");
  script_mandatory_keys("ASP.NET/Core/Ver", ".NET/Core/SDK/Ver");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
  exit(0);

coreVers = infos['version'];
path = infos['location'];

if(coreVers =~ "^2\.0")
{
  sdkVer = get_kb_item(".NET/Core/SDK/Ver");
  affected = make_list("2.0.0", "2.0.2", "2.0.3", "2.1.2", "2.1.3");
  foreach affecVer (affected)
  {
    if(sdkVer == affecVer)
    {
      report = report_fixed_ver(installed_version:"ASP .NET Core With Microsoft .NET Core SDK " + sdkVer,
               fixed_version:"ASP .NET Core With Microsoft .NET Core SDK 2.1.4", install_path:path);
      security_message(data:report);
      exit(0);
    }
  }
}
exit(0);

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.4%