Lucene search
HistoryFeb 09, 2022 - 5:15 p.m.
CVE-2022-21986
cve-2022-21986
.net
dos
vulnerability
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.7%
.NET Denial of Service Vulnerability
Affected configurations
Node
microsoftmicrosoft_visual_studio_2019_16.9 (includes 16.0 - 16.8)Range15.0.0–16.9.17
ORmicrosoftmicrosoft_visual_studio_2019_16.11 (includes 16.0 - 16.10)Range16.11.0–16.11.10
ORmicrosoftmicrosoft_visual_studio_2022_17.0Range17.0.0–17.0.6
ORmicrosoftvisual_studio_2019_for_mac_8.10Range8.1.0–8.10.18
ORmicrosoft.net_5.0Range5.0.0–5.0.14
ORmicrosoft.net_6.0Range6.0.0–6.0.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | microsoft_visual_studio_2019_16.9 (includes 16.0 - 16.8) | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2019_16.9 (includes 16.0 - 16.8):*:*:*:*:*:*:*:* |
| microsoft | microsoft_visual_studio_2019_16.11 (includes 16.0 - 16.10) | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2019_16.11 (includes 16.0 - 16.10):*:*:*:*:*:*:*:* |
| microsoft | microsoft_visual_studio_2022_17.0 | * | cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.0:*:*:*:*:*:*:*:* |
| microsoft | visual_studio_2019_for_mac_8.10 | * | cpe:2.3:a:microsoft:visual_studio_2019_for_mac_8.10:*:*:*:*:*:*:*:* |
| microsoft | .net_5.0 | * | cpe:2.3:a:microsoft:.net_5.0:*:*:*:*:*:*:*:* |
| microsoft | .net_6.0 | * | cpe:2.3:a:microsoft:.net_6.0:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "15.0.0",
"lessThan": "16.9.17",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.11.0",
"lessThan": "16.11.10",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.0",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.0.0",
"lessThan": "17.0.6",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Visual Studio 2019 for Mac version 8.10",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "8.1.0",
"lessThan": "8.10.18",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": ".NET 5.0",
"cpes": [
"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "5.0.0",
"lessThan": "5.0.14",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": ".NET 6.0",
"cpes": [
"cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.2",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
osv
osv
BIT-dotnet-2022-21986
2024-03-06 10:58:58
.NET Denial of Service Vulnerability
2022-10-21 20:29:04
CVE-2022-21986
2022-02-09 17:15:08
fedora
fedora
[SECURITY] Fedora 35 Update: dotnet6.0-6.0.102-1.fc35
2022-02-24 23:08:55
[SECURITY] Fedora 34 Update: dotnet6.0-6.0.102-1.fc34
2022-02-24 23:27:08
nessus
nessus
Rocky Linux 8 : .NET 5.0 (RLSA-2022:0495)
2023-11-07 00:00:00
Rocky Linux 8 : .NET 6.0 (RLSA-2022:0496)
2023-11-06 00:00:00
Security Update for .NET Core (February 2022)
2022-02-10 00:00:00
oraclelinux
oraclelinux
.NET 6.0 security and bugfix update
2022-03-09 00:00:00
.NET 5.0 security and bugfix update
2022-02-09 00:00:00
github
github
.NET Denial of Service Vulnerability
2022-10-21 20:29:04
mscve
mscve
.NET Denial of Service Vulnerability
2022-02-08 08:00:00
redhatcve
redhatcve
CVE-2022-21986
2022-02-09 21:22:46
CVE-2022-219862
2022-02-08 19:14:53
veracode
veracode
Denial Of Service (DoS)
2022-02-10 11:10:29
openvas
openvas
Fedora: Security Advisory for dotnet6.0 (FEDORA-2022-1fd0cea1e2)
2022-02-25 00:00:00
Fedora: Security Advisory for dotnet6.0 (FEDORA-2022-4f43c83583)
2022-02-25 00:00:00
cvelist
cvelist
CVE-2022-21986 .NET Denial of Service Vulnerability
2022-02-09 16:36:32
prion
prion
Denial of service
2022-02-09 17:15:00
nvd
nvd
CVE-2022-21986
2022-02-09 17:15:08
redhat
redhat
(RHSA-2022:0495) Important: .NET 5.0 security and bugfix update
2022-02-09 08:26:30
(RHSA-2022:0496) Important: .NET 6.0 security and bugfix update
2022-02-09 08:26:35
(RHSA-2022:0500) Important: .NET 6.0 on RHEL 7 security and bugfix update
2022-02-09 13:32:02
kaspersky
kaspersky
KLA12453 Multiple vulnerabilities in Microsoft Developer Tools
2022-02-08 00:00:00
rocky
rocky
.NET 5.0 security and bugfix update
2022-02-09 08:26:30
.NET 6.0 security and bugfix update
2022-02-09 08:26:35
altlinux
altlinux
ibm
ibm
thn
thn
Microsoft and Other Major Software Firms Release February 2022 Patch Updates
2022-02-09 06:40:00
rapid7blog
rapid7blog
Patch Tuesday - February 2022
2022-02-08 20:43:40
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.7%
Related for CVE-2022-21986