Vulnerability BDU:2021-04773: Information

Description

Уязвимость программного средства .NET Core, расширяемого средства автоматизации PowerShell Core и средства разработки программного обеспечения Visual Studio, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

URL: https://bdu.fstec.ru/vul/2021-04773

Published: Aug. 10, 2021

Modified: Aug. 10, 2021

Error type identifier: CWE-20

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
dotnet-bootstrap-3.1	p10	3.1.22-alt1	3.1.32-alt1	ALT-PU-2022-1352-1	295271	Fixed
dotnet-bootstrap-3.1	p9	3.1.22-alt1	3.1.22-alt1	ALT-PU-2022-1548-1	295274	Fixed
dotnet-bootstrap-3.1	c10f1	3.1.22-alt1	3.1.32-alt1	ALT-PU-2022-1352-1	295271	Fixed
dotnet-bootstrap-5.0	p10	5.0.14-alt1	5.0.17-alt1	ALT-PU-2022-1357-1	295271	Fixed
dotnet-bootstrap-5.0	p9	5.0.14-alt1	5.0.14-alt1	ALT-PU-2022-1544-1	295274	Fixed
dotnet-bootstrap-5.0	c10f1	5.0.14-alt1	5.0.17-alt1	ALT-PU-2022-1357-1	295271	Fixed
dotnet-coreclr-3.1	p10	3.1.22-alt1	3.1.32-alt1	ALT-PU-2022-1353-1	295271	Fixed
dotnet-coreclr-3.1	p9	3.1.22-alt1	3.1.22-alt1	ALT-PU-2022-1549-1	295274	Fixed
dotnet-coreclr-3.1	c10f1	3.1.22-alt1	3.1.32-alt1	ALT-PU-2022-1353-1	295271	Fixed
dotnet-corefx-3.1	p10	3.1.22-alt1	3.1.32-alt1	ALT-PU-2022-1355-1	295271	Fixed
dotnet-corefx-3.1	p9	3.1.22-alt1	3.1.22-alt1	ALT-PU-2022-1551-1	295274	Fixed
dotnet-corefx-3.1	c10f1	3.1.22-alt1	3.1.32-alt1	ALT-PU-2022-1355-1	295271	Fixed
dotnet-hostfxr-3.1	p10	3.1.22-alt1	3.1.32-alt1	ALT-PU-2022-1354-1	295271	Fixed
dotnet-hostfxr-3.1	p9	3.1.22-alt1	3.1.22-alt1	ALT-PU-2022-1550-1	295274	Fixed
dotnet-hostfxr-3.1	c10f1	3.1.22-alt1	3.1.32-alt1	ALT-PU-2022-1354-1	295271	Fixed
dotnet-runtime-5.0	p10	5.0.14-alt1	5.0.17-alt1	ALT-PU-2022-1358-1	295271	Fixed
dotnet-runtime-5.0	p9	5.0.14-alt1	5.0.14-alt1	ALT-PU-2022-1545-1	295274	Fixed
dotnet-runtime-5.0	c10f1	5.0.14-alt1	5.0.17-alt1	ALT-PU-2022-1358-1	295271	Fixed
powershell	sisyphus	7.2.1-alt1	7.4.1-alt1	ALT-PU-2022-1272-1	295264	Fixed
powershell	p10	7.2.1-alt1	7.3.6-alt1	ALT-PU-2022-1360-1	295271	Fixed
powershell	c10f1	7.2.1-alt1	7.2.1-alt1	ALT-PU-2022-1360-1	295271	Fixed
powershell	p11	7.2.1-alt1	7.4.1-alt1	ALT-PU-2022-1272-1	295264	Fixed

References to Advisories, Solutions, and Tools

Vulnerability Status	Подтверждена производителем
Presence of an exploit	Данные уточняются
Fix status	Уязвимость устранена
Software Type	Прикладное ПО информационных систем
Solution	Использование рекомендаций: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26423
Sources	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26423 https://www.cybersecurity-help.cz/vdb/SB2021081011
Other system identifiers	CVE-2021-26423

Version: v24.5.3