CVE-2018-0787

State: PUBLISHED · Published: 2018-03-14 · Updated: 2024-09-16 · Assigner: microsoft

Description

ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability".

CWE

(none)

Affected

Microsoft Corporation / ASP.NET Core — v=ASP.NET Core 1.0. 1.1, and 2.0 [affected]

CVSS

(none)

References

http://www.securitytracker.com/id/1040525 vdb-entry, x_refsource_SECTRACK
https://github.com/aspnet/Announcements/issues/295 x_refsource_CONFIRM
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0787 x_refsource_CONFIRM
http://www.securityfocus.com/bid/103282 vdb-entry, x_refsource_BID

Source

cvelistV5-main/cves/2018/0xxx/CVE-2018-0787.json