Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:37976
HistoryNov 10, 2022 - 1:49 p.m.

Information Disclosure

2022-11-1013:49:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20

5.8 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

1.4 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:H/Au:S/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

14.9%

JSON

System.Data.SqlClient and Microsoft.Data.SqlClient packages in the .NET framework are vulnerable to information disclosure. The vulnerability occurs during heavy load, which lets an attacker access arbitrary data from asynchronously executed queries.

Related

mskb 21
github 1
cve 1
openvas 4
ubuntucve 1
ibm 3
osv 1
mscve 1
prion 1
nessus 3
kaspersky 1
rapid7blog 1
mskb
mskb
November 8, 2022-KB5020692 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2
2022-11-08 08:00:00
November 8, 2022-Security Only Update for .NET Framework 4.6.2 for Windows Server 2008 SP2 (KB5020681)
2022-11-08 08:00:00
November 8, 2022-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB5020678)
2022-11-08 08:00:00
github
github
.NET Information Disclosure Vulnerability
2022-11-08 23:00:22
cve
cve
CVE-2022-41064
2022-11-09 22:15:00
openvas
openvas
Microsoft .NET Framework Information Disclosure Vulnerability (KB5020689)
2023-02-02 00:00:00
Microsoft .NET Framework Information Disclosure Vulnerability (KB5020690)
2023-02-02 00:00:00
Microsoft .NET Framework Information Disclosure Vulnerability (KB5020688)
2023-02-02 00:00:00
ubuntucve
ubuntucve
CVE-2022-41064
2022-11-09 00:00:00
ibm
ibm
Security Bulletin: A vulnerability in Microsoft .NET Framework may affect IBM Robotic Process Automation and result in an exposure of sensitive information (CVE-2022-41064)
2023-03-08 20:18:19
Security Bulletin: A vulnerability in Microsoft .NET Framework may affect IBM Robotic Process Automation and result in an exposure of sensitive information (CVE-2022-41064)
2023-09-11 16:04:21
Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.
2023-01-30 21:27:00
osv
osv
.NET Information Disclosure Vulnerability
2022-11-08 23:00:22
mscve
mscve
.NET Framework Information Disclosure Vulnerability
2022-11-08 08:00:00
prion
prion
Information disclosure
2022-11-09 22:15:00
nessus
nessus
Security Updates for Microsoft .NET Framework (November 2022)
2022-11-10 00:00:00
KB5019970: Windows 10 LTS 1507 Security Update (November 2022)
2022-11-08 00:00:00
KB5019964: Windows 10 Version 1607 and Windows Server 2016 Security Update (November 2022)
2022-11-08 00:00:00
kaspersky
kaspersky
KLA20040 Multiple vulnerabilities in Microsoft Developer Tools
2022-11-08 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - November 2022
2022-11-08 20:02:57

5.8 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

1.4 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:H/Au:S/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

14.9%

JSON
Related for VERACODE:37976
mskb21github1cve1openvas4ubuntucve1ibm3osv1mscve1prion1nessus3kaspersky1rapid7blog1