47 matches found
MiracleLinux 8 : dotnet7.0-7.0.109-1.el8.ML.1 (AXSA:2023-6236:23)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6236:23 advisory. dotnet: race condition in Core SignInManager PasswordSignInAsync method CVE-2023-33170 Tenable has extracted the preceding description block directly from th...
MiracleLinux 9 : dotnet6.0-6.0.120-1.el9.ML.1 (AXSA:2023-6235:18)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6235:18 advisory. dotnet: race condition in Core SignInManager PasswordSignInAsync method CVE-2023-33170 Tenable has extracted the preceding description block directly from th...
MiracleLinux 8 : dotnet6.0-6.0.120-1.el8.ML.1 (AXSA:2023-6237:19)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6237:19 advisory. dotnet: race condition in Core SignInManager PasswordSignInAsync method CVE-2023-33170 Tenable has extracted the preceding description block directly from th...
TencentOS Server 3: .NET 7.0 (TSSA-2023:0182)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0182 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
RLSA-2023:4059 Important: .NET 6.0 security, bug fix, and enhancement update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. The following packages have been upgraded to a later upstream version: dotnet6.0 SDK 6.0.120, Runtime 6.0.20. BZ2219639 Security Fixes: dotnet: race...
RLSA-2023:4058 Important: .NET 7.0 security, bug fix, and enhancement update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. The following packages have been upgraded to a later upstream version: dotnet7.0 SDK 7.0.109, Runtime 7.0.9. BZ2219633 Security Fixes: dotnet: race...
Security Bulletin: A vulnerability in MicrosoftAspNetCore.Identity affects IBM Robotic Process Automation and may result in allowing an attacker to bypass secrity restrictions (CVE-2023-33170).
Summary Microsoft.AspNetCore.Identity is used by IBM Robotic Process Automation as part of login functionality. CVE-2023-33170 Vulnerability Details CVEID:CVE-2023-33170 DESCRIPTION: Microsoft SharePoint Server could allow a remote attacker to bypass security restrictions. By winning a race...
Rocky Linux 8 : .NET 7.0 (RLSA-2023:4058)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:4058 advisory. - ASP.NET and Visual Studio Security Feature Bypass Vulnerability CVE-2023-33170 Note that Nessus has not tested for this issue but has instead relied only on th...
Amazon Linux 2023 : aspnetcore-runtime-6.0, aspnetcore-targeting-pack-6.0, dotnet (ALAS2023-2023-302)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-302 advisory. ASP.NET and Visual Studio Security Feature Bypass Vulnerability CVE-2023-33170 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus...
Important: Red Hat Security Advisory: .NET 6.0 security update
An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
RHEL 8 : .NET 6.0 (RHSA-2023:4448)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4448 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...
Fedora: Security Advisory for dotnet7.0 (FEDORA-2023-d25e798d6c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for dotnet6.0 (FEDORA-2023-feda45bc39)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : dotnet6.0 (2023-feda45bc39)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-feda45bc39 advisory. This is the July 2023 update for .NET 6. It updates the SDK to 6.0.120 and Runtime to 6.0.20. https://github.com/dotnet/announcements/issues/262...
Fedora 38 : dotnet7.0 (2023-d25e798d6c)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d25e798d6c advisory. This is the July 2023 monthly update for .NET 7. It updates the SDK to 7.0.109 and Runtime to 7.0.9...
Oracle Linux 8 : .NET / 7.0 (ELSA-2023-4058)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4058 advisory. 7.0.109-1.0.1 - Set TargetRid based on os release major version, add OL arm64 RuntimeIdentifier Orabug: 34671152 7.0.109-1 - Update to .NET SDK 7.0.109 and...
Oracle Linux 8 : .NET / 6.0 (ELSA-2023-4059)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4059 advisory. 6.0.120-1.0.1 - Add missing Oracle Linux Runtime IDs 6.0.120-1 - Update to .NET SDK 6.0.120 and Runtime 6.0.20 - Resolves: RHBZ2219637 Tenable has extracted the...
AlmaLinux 8 : .NET 6.0 (ALSA-2023:4059)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4059 advisory. - ASP.NET and Visual Studio Security Feature Bypass Vulnerability CVE-2023-33170 Note that Nessus has not tested for this issue but has instead relied only on the...
Security Update for .NET Core SDK (July 2023)
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2023July11 advisory. - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2023-33127 - A...
AlmaLinux 9 : .NET 7.0 (ALSA-2023:4057)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4057 advisory. - ASP.NET and Visual Studio Security Feature Bypass Vulnerability CVE-2023-33170 Note that Nessus has not tested for this issue but has instead relied only on the...