Lucene search
MicrosoftCVE-2022-38013HistorySep 13, 2022 - 7:15 p.m.
CVE-2022-38013
2022-09-1319:15:12
microsoft
web.nvd.nist.gov
153
8
cve-2022-38013
.net core
visual studio
dos
vulnerability
nvd
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.3
Confidence
High
EPSS
0.003
Percentile
71.6%
.NET Core and Visual Studio Denial of Service Vulnerability
Affected configurations
Node
microsoft.netMatch6.0.0-
ORmicrosoft.net_coreMatch3.1-
ORmicrosoftvisual_studio_2019Match16.9
ORmicrosoftvisual_studio_2019Match16.11
ORmicrosoftvisual_studio_2022Match17.0
ORmicrosoftvisual_studio_2022Match17.2
ORmicrosoftvisual_studio_2022Match17.3
ORmicrosoftvisual_studio_2022Match17.3mac
Node
fedoraprojectfedoraMatch35
ORfedoraprojectfedoraMatch36
ORfedoraprojectfedoraMatch37
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | .net | 6.0.0 | cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:* |
| microsoft | .net_core | 3.1 | cpe:2.3:a:microsoft:.net_core:3.1:-:*:*:*:*:*:* |
| microsoft | visual_studio_2019 | 16.9 | cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:* |
| microsoft | visual_studio_2019 | 16.11 | cpe:2.3:a:microsoft:visual_studio_2019:16.11:*:*:*:*:*:*:* |
| microsoft | visual_studio_2022 | 17.0 | cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:* |
| microsoft | visual_studio_2022 | 17.2 | cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
| microsoft | visual_studio_2022 | 17.3 | cpe:2.3:a:microsoft:visual_studio_2022:17.3:*:*:*:*:*:*:* |
| microsoft | visual_studio_2022 | 17.3 | cpe:2.3:a:microsoft:visual_studio_2022:17.3:*:*:*:*:mac:*:* |
| fedoraproject | fedora | 35 | cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
| fedoraproject | fedora | 36 | cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Visual Studio 2022 for Mac version 17.3",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:macos:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.3",
"lessThan": "17.3.5",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.3",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.3:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.0.0",
"lessThan": "17.3.4",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": ".NET Core 3.1",
"cpes": [
"cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "3.1",
"lessThan": "3.1.29",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": ".NET 6.0",
"cpes": [
"cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.9",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.11.0",
"lessThan": "16.11.19",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "15.0.0",
"lessThan": "16.9.25",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.0",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.0.0",
"lessThan": "17.0.14",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.2",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.2.0",
"lessThan": "17.2.8",
"versionType": "custom",
"status": "affected"
}
]
}
]References
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M/
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013
Social References
More
Related
nessus
nessus
Ubuntu 22.04 LTS : .NET 6 vulnerability (USN-5609-1)
2022-09-13 00:00:00
Oracle Linux 8 : .NET / Core / 3.1 (ELSA-2022-6523)
2022-09-15 00:00:00
redhat
redhat
(RHSA-2022:6520) Moderate: .NET 6.0 on RHEL 7 security and bugfix update
2022-09-14 13:21:58
(RHSA-2022:6521) Moderate: .NET 6.0 security and bugfix update
2022-09-14 13:22:59
fedora
fedora
[SECURITY] Fedora 36 Update: dotnet3.1-3.1.423-1.fc36
2022-10-08 17:33:54
[SECURITY] Fedora 35 Update: dotnet6.0-6.0.109-1.fc35
2022-10-28 11:45:44
[SECURITY] Fedora 37 Update: dotnet6.0-6.0.109-1.fc37
2022-11-10 22:49:13
osv
osv
.NET Denial of Service Vulnerability
2022-09-15 03:25:36
Moderate: .NET Core 3.1 security and bugfix update
2022-09-14 00:00:00
Moderate: .NET 6.0 security and bugfix update
2022-09-15 07:29:51
rocky
rocky
.NET Core 3.1 security and bugfix update
2022-09-14 13:23:42
.NET 6.0 security and bugfix update
2022-09-15 07:29:51
altlinux
altlinux
openvas
openvas
Fedora: Security Advisory for dotnet3.1 (FEDORA-2022-847c67b3cd)
2022-10-10 00:00:00
Fedora: Security Advisory for dotnet6.0 (FEDORA-2022-13046bb867)
2022-11-11 00:00:00
oraclelinux
oraclelinux
.NET 6.0 security and bugfix update
2022-09-14 00:00:00
.NET Core 3.1 security and bugfix update
2022-09-15 00:00:00
.NET 6.0 security and bugfix update
2022-09-15 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-09-16 12:26:43
almalinux
almalinux
Moderate: .NET 6.0 security and bugfix update
2022-09-14 00:00:00
Moderate: .NET 6.0 security and bugfix update
2022-09-15 00:00:00
Moderate: .NET Core 3.1 security and bugfix update
2022-09-14 00:00:00
cvelist
cvelist
CVE-2022-38013 .NET Core and Visual Studio Denial of Service Vulnerability
2022-09-13 00:00:00
mscve
mscve
.NET Core and Visual Studio Denial of Service Vulnerability
2022-09-13 07:00:00
ubuntu
ubuntu
.NET 6 vulnerability
2022-09-13 00:00:00
redhatcve
redhatcve
CVE-2022-38013
2022-09-13 18:14:37
mskb
mskb
.NET 6.0 Update - September 13, 2022 (KB5017915)
2022-09-13 07:00:00
.NET Core 3.1 Update - September 13, 2022 (KB5017903)
2022-09-13 07:00:00
ubuntucve
ubuntucve
CVE-2022-38013
2022-09-13 00:00:00
alpinelinux
alpinelinux
CVE-2022-38013
2022-09-13 19:15:12
prion
prion
Denial of service
2022-09-13 19:15:00
nvd
nvd
CVE-2022-38013
2022-09-13 19:15:12
github
github
.NET Denial of Service Vulnerability
2022-09-15 03:25:36
kaspersky
kaspersky
KLA19246 Multiple vulnerabilities in Microsoft Developer Tools
2022-09-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - September 2022
2022-09-13 20:11:08
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.3
Confidence
High
EPSS
0.003
Percentile
71.6%
Related for CVE-2022-38013