Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

.NET Core Information Disclosure Vulnerability Oct18 (Windows)

Severity

Medium

Family

Windows

CVSSv2 Base

5.0

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Vendor Patch

Created

5 years ago

Modified

4 years ago

This host is installed with .NET Core and is prone to information disclosure vulnerability.

Insight

The flaw exists when .NET Core when HTTP authentication information is inadvertently exposed in an outbound request that encounters an HTTP redirect.

Affected Software

.NET Core 1.0.x runtime 1.0.12 or lower, .NET Core 1.1.x runtime 1.1.9 or lower, .NET Core 2.0.x runtime, .NET Core SDK prior to version 1.1.11.

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Upgrade to 1.0.13, 1.1.10 or 2.1 or later for .NET Core runtimes and to 1.1.11 for .NET Core SDK. Please see the references for more information.

Common Vulnerabilities and Exposures (CVE)

CVE-2018-8292

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

.NET Core Information Disclosure Vulnerability Oct18 (Windows)

Severity

Family

CVSSv2 Base

CVSSv2 Vector

Solution Type

Created

Modified

Share

Insight

Affected Software

Detection Method

Solution

Common Vulnerabilities and Exposures (CVE)

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

.NET Core Information Disclosure Vulnerability Oct18 (Windows)

Information

Severity

Severity

Family

Family

CVSSv2 Base

CVSSv2 Base

CVSSv2 Vector

CVSSv2 Vector

Solution Type

Solution Type

Created

Created

Modified

Modified

Share

Summary

Insight

Insight

Affected Software

Affected Software

Detection Method

Detection Method

Solution

Solution

Common Vulnerabilities and Exposures (CVE)

References