Lucene search
HistoryJun 11, 2024 - 5:15 p.m.
CVE-2024-29060
cve-2024-29060
elevation of privilege
visual studio
6.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
0.001 Low
EPSS
Percentile
19.5%
Visual Studio Elevation of Privilege Vulnerability
Affected configurations
Node
microsoftvisual_studio_2017Range15.0–15.9.63
ORmicrosoftvisual_studio_2019Range16.0–16.11.37
ORmicrosoftvisual_studio_2022Range17.4–17.4.20
ORmicrosoftvisual_studio_2022Range17.6–17.6.16
ORmicrosoftvisual_studio_2022Range17.8–17.8.11
ORmicrosoftvisual_studio_2022Range17.10–17.10.2
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.10",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.10",
"lessThan": "17.10.2",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "15.9.0",
"lessThan": "15.9.63",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.11.0",
"lessThan": "16.11.37",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.4",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.4.0",
"lessThan": "17.4.20",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.6",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.6.0",
"lessThan": "17.6.16",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.8",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.8.0",
"lessThan": "17.8.11",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2024-29060 Visual Studio Elevation of Privilege Vulnerability
2024-06-11 16:59:48
mscve
mscve
Visual Studio Elevation of Privilege Vulnerability
2024-06-11 07:00:00
vulnrichment
vulnrichment
CVE-2024-29060 Visual Studio Elevation of Privilege Vulnerability
2024-06-11 16:59:48
nvd
nvd
CVE-2024-29060
2024-06-11 17:15:51
kaspersky
kaspersky
KLA68912 Multiple vulnerabilities in Microsoft Developer Tools
2024-06-11 00:00:00
nessus
nessus
Security Updates for Microsoft Visual Studio Products (June 2024)
2024-06-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - June 2024
2024-06-11 19:43:48
6.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
0.001 Low
EPSS
Percentile
19.5%
Related for CVE-2024-29060