CVE-2024-21386

CWE-400 — Uncontrolled Resource Consumption9 documents6 sources

Severity

7.5HIGH

No vector

EPSS

2.2%

top 15.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Asp.net Core 6.0 Microsoft Asp.net Core 7.0 Microsoft Asp.net Core 8.0 +3 more

Timeline

PublishedFeb 13

Description

.NET Denial of Service Vulnerability .NET Denial of Service Vulnerability

Affected Packages21 packages

▶CVEListV5microsoft/asp.net_core_6.06.0 — 6.0.27

▶CVEListV5microsoft/asp.net_core_7.07.0.0 — 7.0.16

▶CVEListV5microsoft/asp.net_core_8.08.0 — 8.0.2

▶NuGetMicrosoft.AspNetCore.App.Runtime.osx-x647.0.0 — 7.0.16+2

▶NuGetMicrosoft.AspNetCore.App.Runtime.win-arm7.0.0 — 7.0.16+2

🔴Vulnerability Details

GHSA

Duplicate Advisory: Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability↗2024-02-13

▶

CVEList

.NET Denial of Service Vulnerability↗2024-02-13

▶

OSV

Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability↗2024-02-13

▶

OSV

Duplicate Advisory: Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability↗2024-02-13

▶

GHSA

Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability↗2024-02-13

▶

📋Vendor Advisories

Microsoft

.NET Denial of Service Vulnerability↗2024-02-13

▶

Red Hat

dotnet: Denial of Service in SignalR server↗2024-02-13

▶

Ubuntu

.NET vulnerabilities↗2024-02-13

▶