{"containers":{"cna":{"title":"ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability","datePublic":"2021-12-14T08:00:00.000Z","affected":[{"vendor":"Microsoft","product":"Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)","cpes":["cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"],"platforms":["Unknown"],"versions":[{"version":"16.0.0","lessThan":"16.7.23","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)","cpes":["cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*"],"platforms":["Unknown"],"versions":[{"version":"15.0.0","lessThan":"16.9.15","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)","cpes":["cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"],"platforms":["Unknown"],"versions":[{"version":"16.11.0","lessThan":"16.11.8","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2022 version 17.0","cpes":["cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"],"platforms":["Unknown"],"versions":[{"version":"17.0.0","lessThan":"17.0.3","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"ASP.NET Core 3.1","cpes":["cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*"],"platforms":["Unknown"],"versions":[{"version":"3.0","lessThan":"3.1.22","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"ASP.NET Core 5.0","cpes":["cpe:2.3:a:microsoft:asp.net_core:5.0:*:*:*:*:*:*:*"],"platforms":["Unknown"],"versions":[{"version":"5.0","lessThan":"5.0.13","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"ASP.NET Core 6.0","cpes":["cpe:2.3:a:microsoft:asp.net_core:6.0:*:*:*:*:*:*:*"],"platforms":["Unknown"],"versions":[{"version":"6.0","lessThan":"6.0.101","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2022 version 17.1","cpes":["cpe:2.3:a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*"],"platforms":["Unknown"],"versions":[{"version":"17.0.0","lessThan":"17.1.4","versionType":"custom","status":"affected"}]}],"descriptions":[{"value":"ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability","lang":"en-US"}],"problemTypes":[{"descriptions":[{"description":"Elevation of Privilege","lang":"en-US","type":"Impact"}]}],"providerMetadata":{"orgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","shortName":"microsoft","dateUpdated":"2024-05-29T14:44:33.540Z"},"references":[{"tags":["x_refsource_MISC"],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en-US","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","baseSeverity":"HIGH","baseScore":8.8,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T04:10:17.113Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877"}]}]},"cveMetadata":{"assignerOrgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","assignerShortName":"microsoft","cveId":"CVE-2021-43877","datePublished":"2021-12-15T14:15:31.000Z","dateReserved":"2021-11-16T00:00:00.000Z","dateUpdated":"2024-08-04T04:10:17.113Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}