CVE-2021-34532
Description
ASP.NET Core and Visual Studio Information Disclosure Vulnerability
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.29
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-34532 are fixed in Update for AspNet Core (x64) (2.1.30) | Windows |
| Vulnerabilities CVE-2021-34532 are fixed in Update for AspNet Core (x86) (2.1.30) | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Community 2019 16.10.5 | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Community 2019 16.9.10 | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Community 2019 16.7.18 | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Community 2019 16.4.25 | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Enterprise 2019 16.10.5 | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Enterprise 2019 16.9.10 | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Enterprise 2019 16.7.18 | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Enterprise 2019 16.4.25 | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Professional 2019 16.10.5 | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Professional 2019 16.9.10 | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Professional 2019 16.7.18 | Windows |
| Vulnerabilities CVE-2021-26423,CVE-2021-34485,CVE-2021-34532 are fixed in Microsoft Visual Studio Professional 2019 16.4.25 | Windows |
| Vulnerabilities CVE-2021-34532 are fixed in Nuget - Microsoft.AspNetCore.Authentication.JwtBearer 3.1.18 | Windows |
| Vulnerabilities CVE-2021-34532 are fixed in Nuget - Microsoft.AspNetCore.Authentication.JwtBearer 5.0.9 | Windows |
| Vulnerabilities CVE-2021-34532 are fixed in Nuget - Microsoft.AspNetCore.Authentication.JwtBearer 2.1.29 | Windows |
| Aspnetcore-runtime-3.1 update (ELSA-2021-3142) aspnetcore-runtime-3.1-3.1.18-1.0.1.el8_4.x86_64.rpm | Linux |
| Aspnetcore-targeting-pack-3.1 update (ELSA-2021-3142) aspnetcore-targeting-pack-3.1-3.1.18-1.0.1.el8_4.x86_64.rpm | Linux |
| Dotnet-apphost-pack-3.1 update (ELSA-2021-3142) dotnet-apphost-pack-3.1-3.1.18-1.0.1.el8_4.x86_64.rpm | Linux |
| Dotnet-hostfxr-3.1 update (ELSA-2021-3142) dotnet-hostfxr-3.1-3.1.18-1.0.1.el8_4.x86_64.rpm | Linux |
| Dotnet-runtime-3.1 update (ELSA-2021-3142) dotnet-runtime-3.1-3.1.18-1.0.1.el8_4.x86_64.rpm | Linux |
| Dotnet-sdk-3.1 update (ELSA-2021-3142) dotnet-sdk-3.1-3.1.118-1.0.1.el8_4.x86_64.rpm | Linux |
| Dotnet-targeting-pack-3.1 update (ELSA-2021-3142) dotnet-targeting-pack-3.1-3.1.18-1.0.1.el8_4.x86_64.rpm | Linux |
| Dotnet-templates-3.1 update (ELSA-2021-3142) dotnet-templates-3.1-3.1.118-1.0.1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update aspnetcore-runtime-5.0-5.0.9-1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update aspnetcore-targeting-pack-5.0-5.0.9-1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update dotnet-5.0.206-1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update dotnet-apphost-pack-5.0-5.0.9-1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update dotnet-host-5.0.9-1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update dotnet-hostfxr-5.0-5.0.9-1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update dotnet-runtime-5.0-5.0.9-1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update dotnet-sdk-5.0-5.0.206-1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update dotnet-targeting-pack-5.0-5.0.9-1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update dotnet-templates-5.0-5.0.206-1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update dotnet5.0-debugsource-5.0.206-1.el8_4.x86_64.rpm | Linux |
| (RHSA-2021:3148) .NET 5.0 security and bugfix update netstandard-targeting-pack-2.1-5.0.206-1.el8_4.x86_64.rpm | Linux |
| Vulnerabilities CVE-2021-34532 are fixed in Nuget - Microsoft.AspNetCore.Authentication.JwtBearer for Linux 3.1.18 | Linux |
| Vulnerabilities CVE-2021-34532 are fixed in Nuget - Microsoft.AspNetCore.Authentication.JwtBearer for Linux 5.0.9 | Linux |
| Vulnerabilities CVE-2021-34532 are fixed in Nuget - Microsoft.AspNetCore.Authentication.JwtBearer for Linux 2.1.29 | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-108337 | Update for AspNet Core (x64) (2.1.30) |
| PATCH-108340 | Update for AspNet Core (x86) (2.1.30) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234