CVE-2018-0787
Description
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka ASP.NET Core Elevation Of Privilege Vulnerability.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
17.477
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-0787 are fixed in Nuget - Microsoft.AspNetCore.Server.Kestrel.Core 2.0.2 | Windows |
| Vulnerabilities CVE-2018-0787 are fixed in Nuget - Microsoft.AspNetCore.HttpOverrides 2.0.2 | Windows |
| Vulnerabilities CVE-2018-0787 are fixed in Nuget - Microsoft.AspNetCore.Server.Kestrel.Core for Linux 2.0.2 | Linux |
| Vulnerabilities CVE-2018-0787 are fixed in Nuget - Microsoft.AspNetCore.HttpOverrides for Linux 2.0.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234