CVE-2018-0784

EUVD-2018-1592
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0808.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
Affected Products (NVD)
VendorProductVersion
microsoftasp.net_core
2.0
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/102377
http://www.securitytracker.com/id/1040151
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0784
http://www.securityfocus.com/bid/102377
http://www.securitytracker.com/id/1040151
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0784