Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS22_NOV_DOTNET.NASL
HistoryNov 10, 2022 - 12:00 a.m.

Security Updates for Microsoft .NET Framework (November 2022)

2022-11-1000:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
microsoft .net framework
security update
information disclosure
system.data.sqlclient
microsoft.data.sqlclient

5.8 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

9.5%

JSON

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by an information disclosure vulnerability in the System.Data.SqlClient and Microsoft.Data.SqlClient packages. A timeout occurring under high load can cause incorrect data to be returned as the result of an asynchronously executed query.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

# The descriptive text and package checks in this plugin were  
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
#

include('compat.inc');

if (description)
{
  script_id(167254);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/05");

  script_cve_id("CVE-2022-41064");
  script_xref(name:"MSKB", value:"5020606");
  script_xref(name:"MSKB", value:"5020608");
  script_xref(name:"MSKB", value:"5020609");
  script_xref(name:"MSKB", value:"5020610");
  script_xref(name:"MSKB", value:"5020611");
  script_xref(name:"MSKB", value:"5020612");
  script_xref(name:"MSKB", value:"5020613");
  script_xref(name:"MSKB", value:"5020614");
  script_xref(name:"MSKB", value:"5020615");
  script_xref(name:"MSKB", value:"5020617");
  script_xref(name:"MSKB", value:"5020618");
  script_xref(name:"MSKB", value:"5020619");
  script_xref(name:"MSKB", value:"5020620");
  script_xref(name:"MSKB", value:"5020621");
  script_xref(name:"MSKB", value:"5020622");
  script_xref(name:"MSKB", value:"5020623");
  script_xref(name:"MSKB", value:"5020624");
  script_xref(name:"MSKB", value:"5020627");
  script_xref(name:"MSKB", value:"5020628");
  script_xref(name:"MSKB", value:"5020629");
  script_xref(name:"MSKB", value:"5020630");
  script_xref(name:"MSKB", value:"5020632");
  script_xref(name:"MSFT", value:"MS22-5020606");
  script_xref(name:"MSFT", value:"MS22-5020608");
  script_xref(name:"MSFT", value:"MS22-5020609");
  script_xref(name:"MSFT", value:"MS22-5020610");
  script_xref(name:"MSFT", value:"MS22-5020611");
  script_xref(name:"MSFT", value:"MS22-5020612");
  script_xref(name:"MSFT", value:"MS22-5020613");
  script_xref(name:"MSFT", value:"MS22-5020614");
  script_xref(name:"MSFT", value:"MS22-5020615");
  script_xref(name:"MSFT", value:"MS22-5020617");
  script_xref(name:"MSFT", value:"MS22-5020618");
  script_xref(name:"MSFT", value:"MS22-5020619");
  script_xref(name:"MSFT", value:"MS22-5020620");
  script_xref(name:"MSFT", value:"MS22-5020621");
  script_xref(name:"MSFT", value:"MS22-5020622");
  script_xref(name:"MSFT", value:"MS22-5020623");
  script_xref(name:"MSFT", value:"MS22-5020624");
  script_xref(name:"MSFT", value:"MS22-5020627");
  script_xref(name:"MSFT", value:"MS22-5020628");
  script_xref(name:"MSFT", value:"MS22-5020629");
  script_xref(name:"MSFT", value:"MS22-5020630");
  script_xref(name:"MSFT", value:"MS22-5020632");
  script_xref(name:"IAVA", value:"2022-A-0477-S");

  script_name(english:"Security Updates for Microsoft .NET Framework (November 2022)");

  script_set_attribute(attribute:"synopsis", value:
"The Microsoft .NET Framework installation on the remote host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected
by an information disclosure vulnerability in the System.Data.SqlClient and Microsoft.Data.SqlClient packages. A
timeout occurring under high load can cause incorrect data to be returned as the result of an asynchronously
executed query.");
  # https://devblogs.microsoft.com/dotnet/dotnet-framework-november-2022-security-and-quality-rollup-updates/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7499964d");
  # https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41064
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?893ba2be");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020606");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020608");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020609");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020610");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020611");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020612");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020613");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020614");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020615");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020617");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020618");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020619");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020620");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020621");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020622");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020623");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020624");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020627");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020628");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020629");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020630");
  script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5020632");
  script_set_attribute(attribute:"solution", value:
"Microsoft has released security updates for Microsoft .NET Framework.");
  script_set_cvss_base_vector("CVSS2#AV:A/AC:H/Au:S/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-41064");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/11/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/11/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/11/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:.net_framework");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows : Microsoft Bulletins");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_check_dotnet_rollup.nasl", "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl", "microsoft_net_framework_installed.nasl");
  script_require_keys("SMB/MS_Bulletin_Checks/Possible");
  script_require_ports(139, 445, "Host/patch_management_checks");

  exit(0);
}

include('install_func.inc');
include('smb_func.inc');
include('smb_hotfixes.inc');
include('smb_hotfixes_fcheck.inc');

get_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');

var bulletin = 'MS22-11';
var kbs = make_list(
  '5020606',
  '5020608',
  '5020609',
  '5020610',
  '5020611',
  '5020612',
  '5020613',
  '5020614',
  '5020615',
  '5020617',
  '5020618',
  '5020619',
  '5020620',
  '5020621',
  '5020622',
  '5020623',
  '5020624',
  '5020627',
  '5020628',
  '5020629',
  '5020630',
  '5020632'
);

if (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);

get_kb_item_or_exit('SMB/Registry/Enumerated');
get_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);

if (hotfix_check_sp_range(vista:'2' , win7:'1', win8:'0', win81:'0', win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);

var share = hotfix_get_systemdrive(exit_on_fail:TRUE, as_share:TRUE);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);

var app = 'Microsoft .NET Framework';
get_install_count(app_name:app, exit_if_zero:TRUE);
var installs = get_combined_installs(app_name:app);

var install, version;
var vuln = 0;

if (installs[0] == 0)
{
  foreach install (installs[1])
  {
    version = install['version'];
    if( version != UNKNOWN_VER &&
        smb_check_dotnet_rollup(rollup_date:'11_2022', dotnet_ver:version))
      vuln++;
  }
}
if(vuln)
{
  hotfix_security_warning();
  hotfix_check_fversion_end();
  exit(0);
}
else
{
  hotfix_check_fversion_end();
  audit(AUDIT_HOST_NOT, 'affected');
}
VendorProductVersionCPE
microsoft.net_frameworkcpe:/a:microsoft:.net_framework

References

Related

mskb 21
github 1
cve 1
veracode 1
mscve 1
ibm 3
openvas 4
ubuntucve 1
osv 1
nvd 1
prion 1
cvelist 1
kaspersky 1
nessus 2
rapid7blog 1
mskb
mskb
November 8, 2022-KB5020692 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2
2022-11-08 08:00:00
November 8, 2022-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB5020678)
2022-11-08 08:00:00
November 8, 2022-KB5020685 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server 2019
2022-11-08 08:00:00
github
github
.NET Information Disclosure Vulnerability
2022-11-08 23:00:22
cve
cve
CVE-2022-41064
2022-11-09 22:15:20
veracode
veracode
Information Disclosure
2022-11-10 13:49:48
mscve
mscve
.NET Framework Information Disclosure Vulnerability
2022-11-08 08:00:00
ibm
ibm
Security Bulletin: A vulnerability in Microsoft .NET Framework may affect IBM Robotic Process Automation and result in an exposure of sensitive information (CVE-2022-41064)
2023-09-11 16:04:21
Security Bulletin: A vulnerability in Microsoft .NET Framework may affect IBM Robotic Process Automation and result in an exposure of sensitive information (CVE-2022-41064)
2023-03-08 20:18:19
Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.
2023-01-30 21:27:00
openvas
openvas
Microsoft .NET Framework Information Disclosure Vulnerability (KB5020689)
2023-02-02 00:00:00
Microsoft .NET Framework Information Disclosure Vulnerability (KB5020690)
2023-02-02 00:00:00
Microsoft .NET Framework Information Disclosure Vulnerability (KB5020688)
2023-02-02 00:00:00
ubuntucve
ubuntucve
CVE-2022-41064
2022-11-09 00:00:00
osv
osv
.NET Information Disclosure Vulnerability
2022-11-08 23:00:22
nvd
nvd
CVE-2022-41064
2022-11-09 22:15:20
prion
prion
Information disclosure
2022-11-09 22:15:00
cvelist
cvelist
CVE-2022-41064 .NET Framework Information Disclosure Vulnerability
2022-11-09 00:00:00
kaspersky
kaspersky
KLA20040 Multiple vulnerabilities in Microsoft Developer Tools
2022-11-08 00:00:00
nessus
nessus
KB5019970: Windows 10 LTS 1507 Security Update (November 2022)
2022-11-08 00:00:00
KB5019964: Windows 10 Version 1607 and Windows Server 2016 Security Update (November 2022)
2022-11-08 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - November 2022
2022-11-08 20:02:57

5.8 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

9.5%

JSON
Related for SMB_NT_MS22_NOV_DOTNET.NASL
mskb21github1cve1veracode1mscve1ibm3openvas4ubuntucve1osv1nvd1prion1cvelist1kaspersky1nessus2rapid7blog1