First published: Wed Jan 10 2018(Updated: )
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0808.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft ASP.NET Core | =2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-0784 is an elevation of privilege vulnerability in ASP.NET Core 1.0, 1.1, and 2.0.
CVE-2018-0784 has a severity score of 8.8 (high).
CVE-2018-0784 affects ASP.NET Core versions 1.0, 1.1, and 2.0.
Yes, Microsoft has released fixes for CVE-2018-0784. It is recommended to update to the latest version of ASP.NET Core.
You can find more information about CVE-2018-0784 on the following websites: SecurityFocus (http://www.securityfocus.com/bid/102377) and SecurityTracker (http://www.securitytracker.com/id/1040151).