Lucene search
K

5 matches found

OpenVAS
OpenVAS
added 2017/11/20 12:0 a.m.67 views

Microsoft ASP.NET Core Elevation Of Privilege Vulnerability

This host is missing an important security update according to Microsoft advisory CVE-2017-11879. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

8.8CVSS8.6AI score0.09398EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/11/17 12:0 a.m.93 views

Security Update ASP .NET Core September 2017

The remote Windows host has an installation of ASP.NET Core runtime package store with a version less than 2.0.12219.0. Therefore the host is affected by multiple vulnerabilities : - An open redirect vulnerability that can lead to an escalation of privilege. CVE-2017-11879 - A flaw that is...

8.8CVSS7.4AI score0.09398EPSS
Exploits0References6
NVD
NVD
added 2017/11/15 3:29 a.m.23 views

CVE-2017-11879

ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability"...

8.8CVSS8.6AI score0.09398EPSS
Exploits0References3
OSV
OSV
added 2017/11/15 3:29 a.m.19 views

CVE-2017-11879

ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability"...

8.8CVSS6.5AI score0.09398EPSS
Exploits0References3
CVE
CVE
added 2017/11/15 3:0 a.m.104 views

CVE-2017-11879

CVE-2017-11879 affects ASP.NET Core 2.0. The vulnerability allows an attacker to steal login session information (cookies or authentication tokens) via a specially crafted URL, described as an Elevation of Privilege in ASP.NET Core. The affected component is ASP.NET Core 2.0 runtime; root cause i...

8.8CVSS8.4AI score0.09398EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder