ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability".
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/103282 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1040525 | Third Party Advisory VDB Entry |
https://github.com/aspnet/Announcements/issues/295 | Technical Description Third Party Advisory |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0787 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: microsoft
Published: 2018-03-14T00:00:00
Updated: 2018-03-15T09:57:02
Reserved: 2017-12-01T00:00:00
Link: CVE-2018-0787
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-03-14T17:29:00.370
Modified: 2018-04-11T15:07:12.833
Link: CVE-2018-0787
JSON object: View
Redhat Information
No data.
CWE