Lucene search
HistoryJan 11, 2022 - 9:15 p.m.
CVE-2022-21911
.net
framework
denial of service
vulnerability
cve-2022-21911
nvd
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.7 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
47.1%
.NET Framework Denial of Service Vulnerability
Affected configurations
Node
microsoft.net_frameworkRange4.0.0.0â4.7.2
ORmicrosoft.net_frameworkRange4.8.0â4.8
ORmicrosoft.net_frameworkRange4.8.0â4.8
ORmicrosoft.net_frameworkRange4.7.0â4.7.2
ORmicrosoft.net_frameworkRange4.7.0â4.7.2
ORmicrosoft.net_frameworkRange3.0.0.0â4.7.2
ORmicrosoft.net_frameworkRange2.0.0â2.0 service pack 2
ORmicrosoft.net_frameworkRange4.0.0.0â4.6
ORmicrosoft.net_frameworkRange3.5.0â3.5
ORmicrosoft.net_frameworkRange3.5.0â3.5.1
ORmicrosoft.net_frameworkRange4.0.0.0â4.5.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
| microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
| microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
| microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
| microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
| microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
| microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
| microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
| microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
| microsoft | .net_framework | * | cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2",
"cpes": [
"cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2012 (Server Core installation)",
"Windows 8.1 for x64-based systems",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2012 R2 (Server Core installation)",
"Windows 7 for x64-based Systems Service Pack 1",
"Windows RT 8.1",
"Windows 8.1 for 32-bit systems",
"Windows Server 2012 R2",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows 7 for 32-bit Systems Service Pack 1",
"Windows Server 2012"
],
"versions": [
{
"version": "4.0.0.0",
"lessThan": "4.7.3905.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.8",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server, version 20H2 (Server Core Installation)",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 20H2 for ARM64-based Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows Server 2019 (Server Core installation)",
"Windows 10 Version 20H2 for 32-bit Systems",
"Windows Server 2019",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 21H1 for x64-based Systems",
"Windows 10 Version 21H1 for ARM64-based Systems",
"Windows 10 Version 21H1 for 32-bit Systems",
"Windows 10 Version 21H2 for 32-bit Systems",
"Windows 10 Version 21H2 for ARM64-based Systems",
"Windows Server 2022",
"Windows Server 2022 (Server Core installation)",
"Windows 11 version 21H2 for x64-based Systems"
],
"versions": [
{
"version": "4.8.0",
"lessThan": "4.8.4465.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 4.8",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2012 (Server Core installation)",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows 8.1 for 32-bit systems",
"Windows Server 2016 (Server Core installation)",
"Windows RT 8.1",
"Windows Server 2012 R2 (Server Core installation)",
"Windows Server 2012 R2",
"Windows 7 for 32-bit Systems Service Pack 1",
"Windows 8.1 for x64-based systems",
"Windows Server 2012",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows 7 for x64-based Systems Service Pack 1",
"Windows Server 2016"
],
"versions": [
{
"version": "4.8.0",
"lessThan": "4.8.4465.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.7.2",
"cpes": [
"cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 for x64-based Systems",
"Windows Server 2019 (Server Core installation)",
"Windows 10 for 32-bit Systems"
],
"versions": [
{
"version": "4.7.0",
"lessThan": "4.7.3905.0",
"versionType": "custom",
"status": "affected"
},
{
"version": "4.7.0",
"lessThan": "10.0.10240.19177",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2",
"cpes": [
"cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows Server 2016 (Server Core installation)"
],
"versions": [
{
"version": "3.0.0.0",
"lessThan": "10.0.14393.4886",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 2.0 Service Pack 2",
"cpes": [
"cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"versions": [
{
"version": "2.0.0",
"lessThan": "2.0.50727.8955",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 4.6",
"cpes": [
"cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 for x64-based Systems Service Pack 2",
"Windows Server 2008 for 32-bit Systems Service Pack 2"
],
"versions": [
{
"version": "4.0.0.0",
"lessThan": "4.7.3905.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5",
"cpes": [
"cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 8.1 for 32-bit systems",
"Windows 8.1 for x64-based systems",
"Windows Server 2012",
"Windows Server 2012 (Server Core installation)",
"Windows Server 2012 R2",
"Windows Server 2012 R2 (Server Core installation)"
],
"versions": [
{
"version": "3.5.0",
"lessThan": "2.0.50727.8955",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 3.5.1",
"cpes": [
"cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 7 for 32-bit Systems Service Pack 1",
"Windows 7 for x64-based Systems Service Pack 1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1"
],
"versions": [
{
"version": "3.5.0",
"lessThan": "2.0.50727.8955",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft .NET Framework 4.5.2",
"cpes": [
"cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 7 for 32-bit Systems Service Pack 1",
"Windows 7 for x64-based Systems Service Pack 1",
"Windows 8.1 for 32-bit systems",
"Windows 8.1 for x64-based systems",
"Windows RT 8.1",
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2",
"Windows Server 2012",
"Windows Server 2012 R2 (Server Core installation)",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2012 R2",
"Windows Server 2012 (Server Core installation)"
],
"versions": [
{
"version": "4.0.0.0",
"lessThan": "4.0.30319.36720",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
mskb
mskb
Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 (KB5009721)
2022-01-11 08:00:00
prion
prion
Denial of service
2022-01-11 21:15:00
openvas
openvas
Microsoft .NET Framework DoS Vulnerability (KB5008879)
2022-01-12 00:00:00
Microsoft .NET Framework DoS Vulnerability (KB5013625)
2022-05-11 00:00:00
Microsoft .NET Framework DoS Vulnerability (KB5009718)
2022-01-12 00:00:00
nessus
nessus
Security Updates for Microsoft .NET Framework (January 2022)
2022-12-05 00:00:00
KB5009585: Windows 10 LTS 1507 Security Updates (January 2022)
2022-01-11 00:00:00
cvelist
cvelist
CVE-2022-21911 .NET Framework Denial of Service Vulnerability
2022-01-11 20:23:12
mscve
mscve
.NET Framework Denial of Service Vulnerability
2022-01-11 08:00:00
nvd
nvd
CVE-2022-21911
2022-01-11 21:15:13
kaspersky
kaspersky
KLA12421 Multiple vulnerabilities in Microsoft Developer Tools
2022-01-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - January 2022
2022-01-11 21:41:56
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.7 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
47.1%
Related for CVE-2022-21911