CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-0787

ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability".

Exploit prediction scoring system (EPSS) score

EPSS Score 0.137

EPSS Ranking 94.0%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

http://www.securityfocus.com/bid/103282
http://www.securitytracker.com/id/1040525
https://github.com/aspnet/Announcements/issues/295
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0787
http://www.securityfocus.com/bid/103282
http://www.securitytracker.com/id/1040525
https://github.com/aspnet/Announcements/issues/295
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0787

Products affected by CVE-2018-0787

Microsoft » Asp.net Core » Version: 1.0

cpe:2.3:a:microsoft:asp.net_core:1.0
Microsoft » Asp.net Core » Version: 1.1

cpe:2.3:a:microsoft:asp.net_core:1.1
Microsoft » Asp.net Core » Version: 2.0

cpe:2.3:a:microsoft:asp.net_core:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0787

Products

Pricing

Contact Us