CVE-2018-0784
First published: Wed Jan 10 2018(Updated: )
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0808.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft ASP.NET Core | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-0784?
CVE-2018-0784 is an elevation of privilege vulnerability in ASP.NET Core 1.0, 1.1, and 2.0.
What is the severity of CVE-2018-0784?
CVE-2018-0784 has a severity score of 8.8 (high).
How does CVE-2018-0784 affect ASP.NET Core?
CVE-2018-0784 affects ASP.NET Core versions 1.0, 1.1, and 2.0.
Is there a fix available for CVE-2018-0784?
Yes, Microsoft has released fixes for CVE-2018-0784. It is recommended to update to the latest version of ASP.NET Core.
Where can I find more information about CVE-2018-0784?
You can find more information about CVE-2018-0784 on the following websites: SecurityFocus (http://www.securityfocus.com/bid/102377) and SecurityTracker (http://www.securitytracker.com/id/1040151).
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft asp.net core
- version/microsoft asp.net core/2.0