CVE-2024-0057 | THREATINT

Home

Description

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

PUBLISHED Reserved 2023-11-22 | Published 2024-01-09 | Updated 2025-06-03 | Assigner microsoft

CRITICAL: 9.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C

Problem types

CWE-20: Improper Input Validation

Product status

8.0 (custom) before 8.0.1

affected

7.0.0 (custom) before 7.0.15

affected

6.0.0 (custom) before 6.0.26

affected

17.2.0 (custom) before 17.2.23

affected

16.11.0 (custom) before 16.11.34

affected

17.4.0 (custom) before 17.4.15

affected

17.6.0 (custom) before 17.6.11

affected

17.8.0 (custom) before 17.8.4

affected

5.11.0 (custom) before 5.11.6.0

affected

17.4.0 (custom) before 17.4.3.0

affected

17.6.0 (custom) before 17.6.2.0

affected

17.8.0 (custom) before 17.8.1.0

affected

7.2.0 (custom) before 7.2.18

affected

7.3.0 (custom) before 7.3.11

affected

7.4.0 (custom) before 7.4.2

affected

4.8.0 (custom) before 4.8.04690.02

affected

4.8.0 (custom) before 4.8.04690.02

affected

4.7.0 (custom) before 4.7.04081.03

affected

4.7.0 (custom) before 4.7.04081.02

affected

4.8.1 (custom) before 4.8.09214.01

affected

2.0.0 (custom) before 3.0.50727.8976

affected

3.0.0 (custom) before 3.0.50727.8976

affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 (NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability) vendor-advisory

security.netapp.com/advisory/ntap-20240208-0007/

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 (NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability) vendor-advisory

cve.org (CVE-2024-0057)

nvd.nist.gov (CVE-2024-0057)