Lucene search

Kaspersky LabKLA65276

HistoryMar 22, 2024 - 12:00 a.m.

KLA65276 OSI vulnerability in Microsoft Developer Tools

2024-03-2200:00:00

Kaspersky Lab

threats.kaspersky.com

microsoft developer tools

high severity

public exploits

.net framework

necessary updates

cve-2024-29059

osi

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

0.004

Percentile

75.4%

JSON

An information disclosure vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to obtain sensitive information.

Original advisories

CVE-2024-29059

Exploitation

Public exploits exist for this vulnerability.

Related products

Microsoft-.NET-Framework

.NET

CVE list

CVE-2024-29059 critical

KB list

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

Affected Products

Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 AND 4.8.1Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 4.8Microsoft .NET Framework 3.5Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2Microsoft .NET Framework 3.5 AND 4.6/4.6.2Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Microsoft .NET Framework 4.6.2Microsoft .NET Framework 3.5.1Microsoft .NET Framework 3.5 AND 4.8Microsoft .NET Framework 3.5 AND 4.7.2