Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-24111
HistoryFeb 25, 2021 - 11:15 p.m.

CVE-2021-24111

2021-02-2523:15:16
[email protected]
web.nvd.nist.gov
104
3
.net
framework
dos
vulnerability
cve-2021-24111
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.0%

JSON

.NET Framework Denial of Service Vulnerability

Affected configurations

Vulners
NVD
Node
microsoft.net_frameworkRange4.0.0.0–4.7.2
OR
microsoft.net_frameworkRange4.8.0–4.8
OR
microsoft.net_frameworkRange4.0.0.0–4.6
OR
microsoft.net_frameworkRange4.7.0–4.7.2
OR
microsoft.net_frameworkRange10.0.0.0–4.7.2
VendorProductVersionCPE
microsoft.net_framework*cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*
microsoft.net_framework*cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*
microsoft.net_framework*cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*
microsoft.net_framework*cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*
microsoft.net_framework*cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2",
    "cpes": [
      "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Windows Server 2012",
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
      "Windows 8.1 for x64-based systems",
      "Windows Server 2012 R2",
      "Windows 7 for 32-bit Systems Service Pack 1",
      "Windows 7 for x64-based Systems Service Pack 1",
      "Windows Server 2012 R2 (Server Core installation)",
      "Windows Server 2012 (Server Core installation)",
      "Windows 8.1 for 32-bit systems",
      "Windows RT 8.1"
    ],
    "versions": [
      {
        "version": "4.0.0.0",
        "lessThan": "publication",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 4.8",
    "cpes": [
      "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Windows 10 Version 1809 for 32-bit Systems",
      "Windows 10 Version 1803 for 32-bit Systems",
      "Windows 10 Version 1803 for x64-based Systems",
      "Windows 10 Version 1809 for x64-based Systems",
      "Windows Server 2016 (Server Core installation)",
      "Windows 10 Version 1607 for 32-bit Systems",
      "Windows 7 for 32-bit Systems Service Pack 1",
      "Windows 8.1 for 32-bit systems",
      "Windows 10 Version 1607 for x64-based Systems",
      "Windows 7 for x64-based Systems Service Pack 1",
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
      "Windows 8.1 for x64-based systems",
      "Windows Server 2012",
      "Windows Server 2016",
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
      "Windows RT 8.1",
      "Windows Server 2012 R2",
      "Windows Server 2012 (Server Core installation)",
      "Windows 10 Version 20H2 for 32-bit Systems",
      "Windows Server, version 2004 (Server Core installation)",
      "Windows 10 Version 2004 for x64-based Systems",
      "Windows Server, version 20H2 (Server Core Installation)",
      "Windows 10 Version 20H2 for ARM64-based Systems",
      "Windows 10 Version 2004 for ARM64-based Systems",
      "Windows 10 Version 2004 for 32-bit Systems",
      "Windows Server 2019 (Server Core installation)",
      "Windows Server 2019",
      "Windows 10 Version 1909 for x64-based Systems",
      "Windows Server, version 1909 (Server Core installation)",
      "Windows 10 Version 1909 for ARM64-based Systems",
      "Windows 10 Version 1909 for 32-bit Systems",
      "Windows Server 2012 R2 (Server Core installation)"
    ],
    "versions": [
      {
        "version": "4.8.0",
        "lessThan": "publication",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 4.6",
    "cpes": [
      "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Windows Server 2008 for 32-bit Systems Service Pack 2",
      "Windows Server 2008 for x64-based Systems Service Pack 2"
    ],
    "versions": [
      {
        "version": "4.0.0.0",
        "lessThan": "publication",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
    "cpes": [
      "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Windows 10 Version 1607 for 32-bit Systems",
      "Windows Server 2016 (Server Core installation)",
      "Windows 10 Version 1607 for x64-based Systems",
      "Windows Server 2016"
    ],
    "versions": [
      {
        "version": "4.7.0",
        "lessThan": "publication",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 4.7.2",
    "cpes": [
      "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Windows 10 Version 1803 for x64-based Systems",
      "Windows Server 2019 (Server Core installation)",
      "Windows Server 2019",
      "Windows 10 Version 1803 for 32-bit Systems",
      "Windows 10 Version 1803 for ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0.0",
        "lessThan": "publication",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Social References

More

Related

nessus 3
mskb 16
openvas 8
nvd 1
redhatcve 1
mscve 1
prion 1
cvelist 1
kaspersky 1
rapid7blog 1
nessus
nessus
Security Updates for Microsoft .NET Framework (February 2021)
2022-12-05 00:00:00
KB4601318: Windows 10 Version 1607 and Windows Server 2016 February 2021 Security Update
2021-02-09 00:00:00
KB4601354: Windows 10 Version 1803 February 2021 Security Update
2021-02-09 00:00:00
mskb
mskb
February 9, 2021-KB4601052 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703
2000-01-01 00:00:00
February 9, 2021-KB4601051 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server, version 2016
2021-02-09 08:00:00
Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB4603002)
2021-02-09 08:00:00
openvas
openvas
Microsoft .NET Framework Denial of Service Vulnerability (KB4601887)
2021-02-10 00:00:00
Microsoft .NET Framework Denial of Service Vulnerability (KB4603004)
2021-02-10 00:00:00
Microsoft .NET Framework Denial of Service Vulnerability (KB4601056)
2021-02-10 00:00:00
nvd
nvd
CVE-2021-24111
2021-02-25 23:15:16
redhatcve
redhatcve
CVE-2021-24111
2021-03-01 16:03:32
mscve
mscve
.NET Framework Denial of Service Vulnerability
2021-02-09 08:00:00
prion
prion
Denial of service
2021-02-25 23:15:00
cvelist
cvelist
CVE-2021-24111 .NET Framework Denial of Service Vulnerability
2021-02-25 23:01:57
kaspersky
kaspersky
KLA12073 Multiple vulnerabilities in Microsoft Developer Tools
2021-02-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - February 2021
2021-02-09 23:51:27

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.0%

JSON
Related for CVE-2021-24111
nessus3mskb16openvas8nvd1redhatcve1mscve1prion1cvelist1kaspersky1rapid7blog1