Lucene search

GoogleOSV:BIT-DOTNET-2024-26190

HistoryJun 04, 2024 - 9:39 a.m.

BIT-dotnet-2024-26190

2024-06-0409:39:22

Google

osv.dev

microsoft

quic

denial of service

vulnerability

bit-dotnet-2024-26190

software

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.1%

JSON

Microsoft QUIC Denial of Service Vulnerability

CPENameOperatorVersion
dotnetlt7.0.17
dotnetge8.0.0
dotnetlt8.0.3
dotnetge7.0.0

Name	Operator	Version
dotnet	lt	7.0.17
dotnet	ge	8.0.0
dotnet	lt	8.0.3
dotnet	ge	7.0.0

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for OSV:BIT-DOTNET-2024-26190