Описание
.NET Core and Visual Studio Information Disclosure Vulnerability
FAQ
What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of a specific dump file. The attacker needs to have local access to the target system and the dump file needs to be created in a specific way by a target on that same system.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| .NET Core 2.1 | ||
| Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | ||
| Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) | ||
| .NET Core 3.1 | ||
| PowerShell 7.0 | ||
| .NET 5.0 | ||
| Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) | ||
| Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8) | ||
| Microsoft Visual Studio 2019 version 16.10 (includes 16.0 - 16.9) | ||
| PowerShell 7.1 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
5 Medium
CVSS3
Связанные уязвимости
.NET Core and Visual Studio Information Disclosure Vulnerability
.NET Core and Visual Studio Information Disclosure Vulnerability
ELSA-2021-3145: .NET Core 2.1 security and bugfix update (LOW)
Уязвимость средства разработки программного обеспечения Microsoft Visual Studio, связанная с недостаточной защитой служебных данных, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
5 Medium
CVSS3