CVE-2021-43877

ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
microsoftCNA
8.8 HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
microsoftasp.net_core
3.1
microsoftasp.net_core
5.0
microsoftasp.net_core
6.0
microsoftvisual_studio_2019
16.7
microsoftvisual_studio_2019
16.9
microsoftvisual_studio_2019
16.11
microsoftvisual_studio_2022
17.0
𝑥
= Vulnerable software versions
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877