Описание
.NET Framework Information Disclosure Vulnerability
FAQ
**What type of information could be disclosed by this vulnerability? **
An attacker who successfully exploited this vulnerability could obtain the ObjRef URI which could lead to remote code execution.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems | ||
| Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems | ||
| Microsoft .NET Framework 4.8 on Windows Server 2016 | ||
| Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation) | ||
| Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 | ||
| Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | ||
| Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 | ||
| Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | ||
| Microsoft .NET Framework 4.8 on Windows Server 2012 | ||
| Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) |
Показывать по
10
Возможность эксплуатации
Publicly Disclosed
No
Exploited
No
Latest Software Release
Exploitation More Likely
DOS
N/A
EPSS
Процентиль: 100%
0.93859
Критический
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
github
почти 2 года назад
.NET Framework Information Disclosure Vulnerability
CVSS3: 7.5
fstec
почти 2 года назад
Уязвимость программной платформы Microsoft .NET Framework, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
Процентиль: 100%
0.93859
Критический
7.5 High
CVSS3