CVE-2018-8171
Description
A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka ASP.NET Security Feature Bypass Vulnerability. This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
16.315
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-8171 are fixed in Nuget - Microsoft.AspNetCore.Identity 1.0.6 | Windows |
| Vulnerabilities CVE-2018-8171 are fixed in Nuget - Microsoft.AspNetCore.Identity 1.1.6 | Windows |
| Vulnerabilities CVE-2018-8171 are fixed in Nuget - Microsoft.AspNetCore.Identity 2.0.4 | Windows |
| Vulnerabilities CVE-2018-8171 are fixed in Nuget - Microsoft.AspNetCore.Identity 2.1.2 | Windows |
| Vulnerabilities CVE-2018-8171 are fixed in Nuget - Microsoft.AspNetCore.Identity for Linux 1.0.6 | Linux |
| Vulnerabilities CVE-2018-8171 are fixed in Nuget - Microsoft.AspNetCore.Identity for Linux 1.1.6 | Linux |
| Vulnerabilities CVE-2018-8171 are fixed in Nuget - Microsoft.AspNetCore.Identity for Linux 2.0.4 | Linux |
| Vulnerabilities CVE-2018-8171 are fixed in Nuget - Microsoft.AspNetCore.Identity for Linux 2.1.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234