7 matches found
dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method
A flaw was found in the SignInManager.RefreshSignInAsync method. This flaw allows an attacker with local access and low privileges to escalate privileges. The issue might lead to unauthorized access or manipulation of authentication sessions...
dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method
A flaw was found in the SignInManager.RefreshSignInAsync method. This flaw allows an attacker with local access and low privileges to escalate privileges. The issue might lead to unauthorized access or manipulation of authentication sessions...
Improper Authentication
Overview Microsoft.AspNetCore.App.Runtime.win-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync...
Improper Authentication
Overview Microsoft.AspNetCore.App.Runtime.linux-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync...
Improper Authentication
Overview Microsoft.AspNetCore.App.Runtime.linux-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync...
Improper Authentication
Overview Microsoft.AspNetCore.App.Runtime.osx-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync...
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync function method, which does not verify the identity of the calling TUser, allowing an attacker to escalate privileges to that of another user. Remediation Upgrade...