Vulnerability CVE-2021-43877: Information

Description

ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2021-43877
Published: Dec. 15, 2021
Modified: Dec. 28, 2023

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
dotnet-aspnetcore-3.1p103.1.22-alt13.1.32-alt1ALT-PU-2022-1356-1295271Fixed
dotnet-aspnetcore-3.1p93.1.22-alt13.1.22-alt1ALT-PU-2022-1552-1295274Fixed
dotnet-aspnetcore-3.1c10f13.1.22-alt13.1.32-alt1ALT-PU-2022-1356-1295271Fixed
dotnet-aspnetcore-5.0p105.0.14-alt15.0.17-alt1ALT-PU-2022-1359-1295271Fixed
dotnet-aspnetcore-5.0p95.0.14-alt15.0.14-alt1ALT-PU-2022-1546-1295274Fixed
dotnet-aspnetcore-5.0c10f15.0.14-alt15.0.17-alt1ALT-PU-2022-1359-1295271Fixed
dotnet-bootstrap-3.1p103.1.22-alt13.1.32-alt1ALT-PU-2022-1352-1295271Fixed
dotnet-bootstrap-3.1p93.1.22-alt13.1.22-alt1ALT-PU-2022-1548-1295274Fixed
dotnet-bootstrap-3.1c10f13.1.22-alt13.1.32-alt1ALT-PU-2022-1352-1295271Fixed
dotnet-bootstrap-5.0p105.0.14-alt15.0.17-alt1ALT-PU-2022-1357-1295271Fixed
dotnet-bootstrap-5.0p95.0.14-alt15.0.14-alt1ALT-PU-2022-1544-1295274Fixed
dotnet-bootstrap-5.0c10f15.0.14-alt15.0.17-alt1ALT-PU-2022-1357-1295271Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877
  • Patch
  • Vendor Advisory

    1. Configuration 1

      cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*
      cpe:2.3:a:microsoft:asp.net_core:5.0:*:*:*:*:*:*:*
      cpe:2.3:a:microsoft:visual_studio_2019:16.7:*:*:*:*:*:*:*
      cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*
      cpe:2.3:a:microsoft:visual_studio_2019:16.11:*:*:*:*:*:*:*
      cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*
      cpe:2.3:a:microsoft:asp.net_core:6.0:*:*:*:*:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.0
Back to top