CVE-2024-0057 | THREATINT

Assigner	microsoft
Reserved	2023-11-22
Published	2024-01-09
Updated	2024-10-08

Description

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

CRITICAL: 9.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C

Problem types

CWE-20: Improper Input Validation

Product status

1.0.0 before 8.0.1

affected

7.0.0 before 7.0.15

affected

6.0.0 before 6.0.26

affected

17.2.0 before 17.2.23

affected

16.11.0 before 16.11.34

affected

17.4.0 before 17.4.15

affected

17.6.0 before 17.6.11

affected

17.8.0 before 17.8.4

affected

5.11.0 before 5.11.6.0

affected

17.4.0 before 17.4.3.0

affected

17.6.0 before 17.6.2.0

affected

17.8.0 before 17.8.1.0

affected

7.2.0 before 7.2.18

affected

7.3.0 before 7.3.11

affected

7.4.0 before 7.4.2

affected

4.8.0 before 4.8.04690.02

affected

4.8.0 before 4.8.04690.01

affected

4.8.0 before 4.8.04690.02

affected

4.7.0 before 4.7.04081.03

affected

4.7.0 before 10.0.14393.6614

affected

4.7.0 before 4.7.04081.02

affected

4.7.0 before 4.7.04081.03

affected

4.7.0 before 3.0.50727.8976

affected

4.8.1 before 4.8.09214.01

affected

2.0.0 before 3.0.50727.8976

affected

3.0.0 before 3.0.50727.8976

affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 (NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability) vendor-advisory

cve.org CVE-2024-0057

nvd.nist.gov CVE-2024-0057

Download JSON