CVE-2021-26701
Description
.NET Core Remote Code Execution Vulnerability
Risk Information
Base Score
8.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
4.696
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-1721,CVE-2021-24112,CVE-2021-26423,CVE-2021-26701,CVE-2021-34485 are fixed in Update for AspNet Core (x64) (2.1.30) | Windows |
| Vulnerabilities CVE-2021-1721,CVE-2021-24112,CVE-2021-26423,CVE-2021-26701,CVE-2021-34485 are fixed in Update for AspNet Core (x86) (2.1.30) | Windows |
| Multiple Vulnerabilities are affected in Microsoft Visual Studio Community 2019 16.8 | Windows |
| Multiple Vulnerabilities are affected in Microsoft Visual Studio Enterprise 2019 16.8 | Windows |
| Multiple Vulnerabilities are affected in Microsoft Visual Studio Professional 2019 16.8 | Windows |
| Vulnerabilities CVE-2021-26701 are fixed in Nuget - System.Text.Encodings.Web 4.5.1 | Windows |
| Vulnerabilities CVE-2021-26701 are fixed in Nuget - System.Text.Encodings.Web 4.7.2 | Windows |
| Vulnerabilities CVE-2021-26701 are fixed in Nuget - System.Text.Encodings.Web 5.0.1 | Windows |
| (RHSA-2021:0788) dotnet security and bugfix update dotnet-debugsource-2.1.522-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0788) dotnet security and bugfix update dotnet-host-fxr-2.1-2.1.26-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0788) dotnet security and bugfix update dotnet-runtime-2.1-2.1.26-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0788) dotnet security and bugfix update dotnet-sdk-2.1-2.1.522-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0788) dotnet security and bugfix update dotnet-sdk-2.1.5xx-2.1.522-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0790) dotnet3.1 security and bugfix update aspnetcore-runtime-3.1-3.1.13-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0790) dotnet3.1 security and bugfix update aspnetcore-targeting-pack-3.1-3.1.13-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0790) dotnet3.1 security and bugfix update dotnet-apphost-pack-3.1-3.1.13-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0790) dotnet3.1 security and bugfix update dotnet-hostfxr-3.1-3.1.13-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0790) dotnet3.1 security and bugfix update dotnet-runtime-3.1-3.1.13-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0790) dotnet3.1 security and bugfix update dotnet-sdk-3.1-3.1.113-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0790) dotnet3.1 security and bugfix update dotnet-targeting-pack-3.1-3.1.13-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0790) dotnet3.1 security and bugfix update dotnet-templates-3.1-3.1.113-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0790) dotnet3.1 security and bugfix update dotnet3.1-debugsource-3.1.113-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update aspnetcore-runtime-5.0-5.0.4-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update aspnetcore-targeting-pack-5.0-5.0.4-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update dotnet-5.0.104-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update dotnet-apphost-pack-5.0-5.0.4-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update dotnet-host-5.0.4-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update dotnet-hostfxr-5.0-5.0.4-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update dotnet-runtime-5.0-5.0.4-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update dotnet-sdk-5.0-5.0.104-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update dotnet-targeting-pack-5.0-5.0.4-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update dotnet-templates-5.0-5.0.104-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update dotnet5.0-debugsource-5.0.104-1.el8_3.x86_64.rpm | Linux |
| (RHSA-2021:0793) .NET Core on RHEL 8 security and bugfix update netstandard-targeting-pack-2.1-5.0.104-1.el8_3.x86_64.rpm | Linux |
| Vulnerabilities CVE-2021-26701 are fixed in Nuget - System.Text.Encodings.Web for Linux 4.5.1 | Linux |
| Vulnerabilities CVE-2021-26701 are fixed in Nuget - System.Text.Encodings.Web for Linux 4.7.2 | Linux |
| Vulnerabilities CVE-2021-26701 are fixed in Nuget - System.Text.Encodings.Web for Linux 5.0.1 | Linux |
| CVE-2021-26701 | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-108337 | Update for AspNet Core (x64) (2.1.30) |
| PATCH-108340 | Update for AspNet Core (x86) (2.1.30) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234