CVE-2022-24512

Published Mar 9, 2022

Last updated 3 months ago

CVSS medium 6.3

Overview

Description: .NET and Visual Studio Remote Code Execution Vulnerability
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Secondary
Base score: 6.3
Impact score: 3.4
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:.net:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8F02D5C-61F1-4381-8D64-8BEB5CED0DC6"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DE0C8DD-9C73-4876-8193-068F18074B58"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:.net_core:3.1:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70BE107E-20A0-4998-A8ED-BCC414C6BDBF"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77F72A4A-239D-4362-B42C-2B125FD977AB",
            "versionEndExcluding": "7.0.9",
            "versionStartIncluding": "7.0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2C644EF-33B6-440F-8051-6A0D3C096F67",
            "versionEndExcluding": "7.1.6",
            "versionStartIncluding": "7.1"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD5CE10E-FCBF-4FBA-9B4E-BEB7F7E902A1",
            "versionEndExcluding": "7.2.2",
            "versionStartIncluding": "7.2"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6222A0C-EC9B-4AB2-A89F-5D62B381A212",
            "versionEndIncluding": "16.6.4",
            "versionStartIncluding": "16.0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "367AC9B2-D639-40F6-93FB-822F73E65C30",
            "versionEndExcluding": "16.7.26",
            "versionStartIncluding": "16.7.0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC9599DF-664B-4630-9FCD-7FCD846728A1",
            "versionEndIncluding": "16.8.7",
            "versionStartIncluding": "16.8.0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4338A4F9-0FE2-40F4-B184-86B9F5EF1EED",
            "versionEndExcluding": "16.9.18",
            "versionStartIncluding": "16.9.0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B6E2777-4D9B-4710-9575-250B04E1AE0C",
            "versionEndIncluding": "16.10.4",
            "versionStartIncluding": "16.10.0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1265006-B9CB-4E89-B6E8-F9EC1D6C7405",
            "versionEndExcluding": "16.11.11",
            "versionStartIncluding": "16.11.0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C72810F-D156-49CE-A325-7E6A63C9E4A3",
            "versionEndExcluding": "17.0.7",
            "versionStartIncluding": "17.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References