Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.812950
Kategorie:Windows
Titel:ASP.NET Core Multiple Vulnerabilities (Windows)
Zusammenfassung:This host is installed with ASP.NET Core; and is prone to multiple vulnerabilities.
Beschreibung:Summary:
This host is installed with ASP.NET Core
and is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exists due to,

- An error in the ASP.NET Core web application, created using vulnerable
project templates, which fails to properly sanitize web requests.

- An error in the individual authentication templates for ASP.NET Core.

Vulnerability Impact:
Successful exploitation will allow an attacker
who successfully exploited these vulnerabilities to change the recovery codes
associated with the victim's user account without his/her consent.

Affected Software/OS:
ASP.NET Core 2.0 with .NET SDK version
2.0.0, 2.0.2, 2.0.3, 2.1.2 and 2.1.3

Solution:
Upgrade to ASP.NET Core 2.0 with .NET SDK
version 2.1.4 or later.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: BugTraq ID: 102379
BugTraq ID: 102377
Common Vulnerability Exposure (CVE) ID: CVE-2018-0785
http://www.securityfocus.com/bid/102379
http://www.securitytracker.com/id/1040151
Common Vulnerability Exposure (CVE) ID: CVE-2018-0784
http://www.securityfocus.com/bid/102377
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.