Details of VAR-201705-3360

ID

VAR-201705-3360

CVE

CVE-2017-0249

TITLE

Microsoft ASP.NET Core Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-003294

DESCRIPTION

An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests. Microsoft ASP.NET Core Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. Microsoft ASP.NET Core is a cross-platform open source framework of Microsoft Corporation. The framework is used to build cloud-based applications such as web applications, IoT applications, and mobile backends. An attacker can use this vulnerability to gain access

Trust: 3.06

sources: NVD: CVE-2017-0249 // JVNDB: JVNDB-2017-003294 // CNVD: CNVD-2017-07323 // CNNVD: CNNVD-201705-736 // BID: 98118 // VULMON: CVE-2017-0249

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-07323

AFFECTED PRODUCTS

vendor:	microsoft	model:	system.text.encodings.web	scope:	eq	version:	4.3.0	Trust: 1.6
vendor:	microsoft	model:	system.net.http	scope:	eq	version:	4.3.1	Trust: 1.6
vendor:	microsoft	model:	system.net.http.winhttphandler	scope:	eq	version:	4.3.0	Trust: 1.6
vendor:	microsoft	model:	system.net.security	scope:	eq	version:	4.0.0	Trust: 1.6
vendor:	microsoft	model:	system.net.websockets.client	scope:	eq	version:	4.3.0	Trust: 1.6
vendor:	microsoft	model:	system.text.encodings.web	scope:	eq	version:	4.0.0	Trust: 1.6
vendor:	microsoft	model:	system.net.http.winhttphandler	scope:	eq	version:	4.0.1	Trust: 1.6
vendor:	microsoft	model:	system.net.websockets.client	scope:	eq	version:	4.0.0	Trust: 1.6
vendor:	microsoft	model:	system.net.security	scope:	eq	version:	4.3.0	Trust: 1.6
vendor:	microsoft	model:	system.net.http	scope:	eq	version:	4.1.1	Trust: 1.6
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.abstractions	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	asp.net model view controller	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.xml	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	asp.net model view controller	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor.host	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.localization	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.xml	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.cors	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.webapicompatshim	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.localization	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.localization	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.webapicompatshim	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.viewfeatures	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.dataannotations	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.taghelpers	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	asp.net model view controller	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.viewfeatures	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.cors	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	asp.net model view controller	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.abstractions	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.taghelpers	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.xml	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.dataannotations	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.xml	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.json	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.localization	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.viewfeatures	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.dataannotations	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.viewfeatures	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.xml	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor.host	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.dataannotations	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.apiexplorer	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.dataannotations	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.xml	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.viewfeatures	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.dataannotations	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.json	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.apiexplorer	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.cors	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.apiexplorer	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.viewfeatures	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.json	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.taghelpers	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor.host	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.json	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.viewfeatures	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.json	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.webapicompatshim	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor.host	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.webapicompatshim	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.abstractions	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.dataannotations	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.apiexplorer	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.cors	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor.host	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor.host	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.apiexplorer	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	asp.net model view controller	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.cors	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.localization	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.taghelpers	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.abstractions	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	asp.net model view controller	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	asp.net model view controller	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.cors	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.apiexplorer	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.cors	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.json	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.webapicompatshim	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.taghelpers	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.webapicompatshim	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.abstractions	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.abstractions	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.taghelpers	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.localization	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.apiexplorer	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.taghelpers	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.abstractions	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.json	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.razor.host	scope:	eq	version:	1.1.2	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.webapicompatshim	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.formatters.xml	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	microsoft	model:	microsoft.aspnetcore.mvc.localization	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	microsoft	model:	asp.net	scope:	eq	version:	core	Trust: 0.8
vendor:	microsoft	model:	asp.net core	scope:	-	version:	-	Trust: 0.6
vendor:	microsoft	model:	asp.net	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2017-07323 // BID: 98118 // JVNDB: JVNDB-2017-003294 // CNNVD: CNNVD-201705-736 // NVD: CVE-2017-0249

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-0249
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-0249
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-07323
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201705-736
value:	HIGH
Trust: 0.6
VULMON:	CVE-2017-0249
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-0249
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2017-07323
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2017-0249
baseSeverity:	HIGH
baseScore:	7.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	3.4
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-07323 // VULMON: CVE-2017-0249 // JVNDB: JVNDB-2017-003294 // CNNVD: CNNVD-201705-736 // NVD: CVE-2017-0249

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2017-003294 // NVD: CVE-2017-0249

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201705-736

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201705-736

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-003294

PATCH

title:	Microsoft Security Advisory 4021279: Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege #239	url:	https://github.com/aspnet/Announcements/issues/239	Trust: 0.8
title:	Patch for Microsoft ASP.NET Core Privilege Escalation Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/94179	Trust: 0.6
title:	Microsoft ASP.NET Core Fixes for permission permissions and access control vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70329	Trust: 0.6
title:	OssIndexClient	url:	https://github.com/SimonCropp/OssIndexClient	Trust: 0.1
title:	-	url:	https://github.com/shiftingleft/dotnet-scm-test	Trust: 0.1
title:	-	url:	https://github.com/jnewman-sonatype/DotNetTest	Trust: 0.1

sources: CNVD: CNVD-2017-07323 // VULMON: CVE-2017-0249 // JVNDB: JVNDB-2017-003294 // CNNVD: CNNVD-201705-736

EXTERNAL IDS

db:	NVD	id:	CVE-2017-0249	Trust: 3.4
db:	JVNDB	id:	JVNDB-2017-003294	Trust: 0.8
db:	CNVD	id:	CNVD-2017-07323	Trust: 0.6
db:	CNNVD	id:	CNNVD-201705-736	Trust: 0.6
db:	BID	id:	98118	Trust: 0.4
db:	VULMON	id:	CVE-2017-0249	Trust: 0.1

sources: CNVD: CNVD-2017-07323 // VULMON: CVE-2017-0249 // BID: 98118 // JVNDB: JVNDB-2017-003294 // CNNVD: CNNVD-201705-736 // NVD: CVE-2017-0249

REFERENCES

url:	https://github.com/aspnet/announcements/issues/239	Trust: 2.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0249	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-0249	Trust: 0.8
url:	http://www.microsoft.com	Trust: 0.3
url:	https://technet.microsoft.com/library/security/4021279.aspx	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.securityfocus.com/bid/98118	Trust: 0.1
url:	https://github.com/simoncropp/ossindexclient	Trust: 0.1
url:	https://tools.cisco.com/security/center/viewalert.x?alertid=53814	Trust: 0.1

sources: CNVD: CNVD-2017-07323 // VULMON: CVE-2017-0249 // BID: 98118 // JVNDB: JVNDB-2017-003294 // CNNVD: CNNVD-201705-736 // NVD: CVE-2017-0249

CREDITS

Microsoft

Trust: 0.3

sources: BID: 98118

SOURCES

db:	CNVD	id:	CNVD-2017-07323
db:	VULMON	id:	CVE-2017-0249
db:	BID	id:	98118
db:	JVNDB	id:	JVNDB-2017-003294
db:	CNNVD	id:	CNNVD-201705-736
db:	NVD	id:	CVE-2017-0249

LAST UPDATE DATE

2024-08-14T14:39:46.731000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-07323	date:	2017-05-24T00:00:00
db:	VULMON	id:	CVE-2017-0249	date:	2021-06-30T00:00:00
db:	BID	id:	98118	date:	2017-05-23T16:25:00
db:	JVNDB	id:	JVNDB-2017-003294	date:	2017-05-24T00:00:00
db:	CNNVD	id:	CNNVD-201705-736	date:	2021-07-01T00:00:00
db:	NVD	id:	CVE-2017-0249	date:	2021-06-30T16:54:22.617

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-07323	date:	2017-05-24T00:00:00
db:	VULMON	id:	CVE-2017-0249	date:	2017-05-12T00:00:00
db:	BID	id:	98118	date:	2017-05-10T00:00:00
db:	JVNDB	id:	JVNDB-2017-003294	date:	2017-05-24T00:00:00
db:	CNNVD	id:	CNNVD-201705-736	date:	2017-05-18T00:00:00
db:	NVD	id:	CVE-2017-0249	date:	2017-05-12T14:29:04.003