CVE-2018-0808

ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how ASP.NET web applications handle web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0784.

Published: Mar 14, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-0808
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / asp.net_core	1.0	1.0.x
microsoft / asp.net_core	1.1	1.1.x
microsoft / asp.net_core	2.0	2.0.x

http://www.securityfocus.com/bid/103226
http://www.securitytracker.com/id/1040504
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0808

Vulnerability Database

289,599

CVE-2018-0808