What is the severity of CVE-2024-21312?

CVE-2024-21312 is classified as a Denial of Service vulnerability in the .NET Framework.

How do I fix CVE-2024-21312?

To fix CVE-2024-21312, you should apply the appropriate patches provided by Microsoft for the affected versions of .NET Framework.

Which versions of .NET Framework are affected by CVE-2024-21312?

CVE-2024-21312 affects .NET Framework versions 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, and 4.8.1.

What are the potential impacts of CVE-2024-21312?

The potential impact of CVE-2024-21312 is service disruption leading to application unavailability due to Denial of Service.

Is there a workaround for CVE-2024-21312?

Currently, the best approach to mitigate CVE-2024-21312 is to update to a patched version of the .NET Framework.

Vulnerability/
CVE-2024-21312

high

7.5

CWE

EPSS

0.141%

9/1/2024

30/4/2025

CVE-2024-21312: .NET Framework Denial of Service Vulnerability

First published: Tue Jan 09 2024(Updated: )

.NET Framework Denial of Service Vulnerability

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft .NET Framework 4	=4.6.2=4.7=4.7.1=4.7.2	fix available externally
Microsoft .NET Framework 4	=4.6.2=4.7=4.7.1=4.7.2	fix available externally
Microsoft .NET Framework 4	=3.5	fix available externally
Microsoft .NET Framework 4	=4.8	fix available externally
Microsoft .NET Framework 4	=4.6.2=4.7=4.7.1=4.7.2	fix available externally
Microsoft .NET Framework 4	=4.8	fix available externally
Microsoft .NET Framework 4	=3.5	fix available externally
Microsoft .NET Framework 4	=3.5=4.7.2	fix available externally
Microsoft .NET Framework 4	=4.8	fix available externally
Microsoft .NET Framework 4	=3.5=4.7.2	fix available externally
Microsoft .NET Framework 4	=3.5=4.8	fix available externally
Microsoft .NET Framework 4	=3.5=4.8.1	fix available externally
Microsoft .NET Framework 4	=3.5=4.8	fix available externally
Microsoft .NET Framework 4	=3.5=4.8	fix available externally
Microsoft .NET Framework 4	=3.5=4.8.1	fix available externally
Microsoft .NET Framework 4	=3.5=4.8.1	fix available externally
Microsoft .NET Framework 4	=3.5=4.8	fix available externally
Microsoft .NET Framework 4	=3.5=4.8.1	fix available externally
Microsoft .NET Framework 4	=3.5=4.8.1	fix available externally
All of
Microsoft .NET Framework 4	=3.5
Any of
Microsoft Windows Server
Microsoft Windows Server	=r2
All of
Any of
Microsoft .NET Framework 4	=3.5
Microsoft .NET Framework 4	=4.8.1
Any of
Microsoft Windows 10
Microsoft Windows 10
Windows 11
Windows 11
Windows 11
Microsoft Windows Server 2022
All of
Any of
Microsoft .NET Framework 4	=4.6.2
Microsoft .NET Framework 4	=4.7
Microsoft .NET Framework 4	=4.7.1
Microsoft .NET Framework 4	=4.7.2
Any of
Microsoft Windows Server	=r2-sp1
Microsoft Windows Server
Microsoft Windows Server	=r2
All of
Any of
Microsoft .NET Framework 4	=3.5
Microsoft .NET Framework 4	=4.7.2
Any of
Microsoft Windows 10
Microsoft Windows 10
Microsoft Windows Server 2016
Microsoft Windows Server 2019
All of
Microsoft .NET Framework 4	=4.8
Any of
Microsoft Windows 10
Microsoft Windows Server
Microsoft Windows Server	=r2
Microsoft Windows Server 2016
All of
Any of
Microsoft .NET Framework 4	=3.5
Microsoft .NET Framework 4	=4.8
Any of
Microsoft Windows 10
Microsoft Windows 10
Microsoft Windows 10
Windows 11
Microsoft Windows Server 2019
Microsoft Windows Server 2022

Remedy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21312

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-21312?
CVE-2024-21312 is classified as a Denial of Service vulnerability in the .NET Framework.
How do I fix CVE-2024-21312?
To fix CVE-2024-21312, you should apply the appropriate patches provided by Microsoft for the affected versions of .NET Framework.
Which versions of .NET Framework are affected by CVE-2024-21312?
CVE-2024-21312 affects .NET Framework versions 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, and 4.8.1.
What are the potential impacts of CVE-2024-21312?
The potential impact of CVE-2024-21312 is service disruption leading to application unavailability due to Denial of Service.
Is there a workaround for CVE-2024-21312?
Currently, the best approach to mitigate CVE-2024-21312 is to update to a patched version of the .NET Framework.

agent/type
agent/first-publish-date
agent/severity
agent/remedy
agent/title
agent/author
agent/description
agent/event
agent/references
collector/msrc
source/Microsoft
collector/msrc-cve
collector/epss-latest
source/FIRST
agent/epss
agent/weakness
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
vendor/microsoft
canonical/microsoft .net framework 4
version/microsoft .net framework 4/4.6.2
version/microsoft .net framework 4/4.7
version/microsoft .net framework 4/4.7.1
version/microsoft .net framework 4/4.7.2
version/microsoft .net framework 4/3.5
version/microsoft .net framework 4/4.8
version/microsoft .net framework 4/4.8.1
canonical/microsoft windows server
version/microsoft windows server/r2
canonical/microsoft windows 10
canonical/windows 11
canonical/microsoft windows server 2022
version/microsoft windows server/r2-sp1
canonical/microsoft windows server 2016
canonical/microsoft windows server 2019