CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-8171

A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability." This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.085

EPSS Ranking 91.9%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://www.securityfocus.com/bid/104659
http://www.securitytracker.com/id/1041267
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8171
http://www.securityfocus.com/bid/104659
http://www.securitytracker.com/id/1041267
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8171

Products affected by CVE-2018-8171

Microsoft » Asp.net Core » Version: 1.0

cpe:2.3:a:microsoft:asp.net_core:1.0
Microsoft » Asp.net Core » Version: 1.1

cpe:2.3:a:microsoft:asp.net_core:1.1
Microsoft » Asp.net Core » Version: 2.0

cpe:2.3:a:microsoft:asp.net_core:2.0
Microsoft » Asp.net Model View Controller » Version: 5.2

cpe:2.3:a:microsoft:asp.net_model_view_controller:5.2
Microsoft » Asp.net Webpages » Version: 3.2.3

cpe:2.3:a:microsoft:asp.net_webpages:3.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8171

Products

Pricing

Contact Us