vulnerability
Microsoft CVE-2017-0248: .NET Security Feature Bypass Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | May 9, 2017 | May 9, 2017 | Nov 18, 2021 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
May 9, 2017
Added
May 9, 2017
Modified
Nov 18, 2021
Description
A security feature bypass vulnerability exists when Microsoft .NET Framework (and .NET Core) components do not completely validate certificates.
An attacker could present a certificate that is marked invalid for a specific use, but the component uses it for that purpose. This action disregards the Enhanced Key Usage taggings.
The security update addresses the vulnerability by helping to ensure that .NET Framework (and .NET Core) components completely validate certificates.
Solution(s)
msft-kb4016871-3f4526c4-d3ec-486a-a7ef-8d1987905310msft-kb4016871-cf89e515-56cd-4e4f-b5ca-31b3ea1e81b3msft-kb4019108-3244af7a-f1c3-4b03-911b-100cd1adfb7c-kb4014579msft-kb4019108-3244af7a-f1c3-4b03-911b-100cd1adfb7c-kb4014588msft-kb4019108-3244af7a-f1c3-4b03-911b-100cd1adfb7c-kb4014591msft-kb4019108-3244af7a-f1c3-4b03-911b-100cd1adfb7c-kb4014599msft-kb4019108-6dac4af2-9d3d-4569-83a7-81a52c7a4d6b-kb4014579msft-kb4019108-6dac4af2-9d3d-4569-83a7-81a52c7a4d6b-kb4014588msft-kb4019108-6dac4af2-9d3d-4569-83a7-81a52c7a4d6b-kb4014591msft-kb4019108-6dac4af2-9d3d-4569-83a7-81a52c7a4d6b-kb4014599msft-kb4019108-771b4464-5f14-4ed8-983f-fb3616a6f87a-kb4014579msft-kb4019109-17ffd6c1-ae2c-49e5-8475-9e8bf7ed4828-kb4014575msft-kb4019109-17ffd6c1-ae2c-49e5-8475-9e8bf7ed4828-kb4014591msft-kb4019109-17ffd6c1-ae2c-49e5-8475-9e8bf7ed4828-kb4014599msft-kb4019109-60f1c29b-1bf1-4584-8c48-7a2600279f01-kb4014575msft-kb4019109-60f1c29b-1bf1-4584-8c48-7a2600279f01-kb4014591msft-kb4019109-60f1c29b-1bf1-4584-8c48-7a2600279f01-kb4014599msft-kb4019109-6b4f2e9a-3631-4bd6-82c9-b313ad7cb492-kb4014575msft-kb4019110-3ff73dbc-ffdb-4a68-b468-f67f16ad7324-kb4014577msft-kb4019110-3ff73dbc-ffdb-4a68-b468-f67f16ad7324-kb4014586msft-kb4019110-3ff73dbc-ffdb-4a68-b468-f67f16ad7324-kb4014589msft-kb4019110-3ff73dbc-ffdb-4a68-b468-f67f16ad7324-kb4014597msft-kb4019110-9555b727-40e6-42df-af70-2b07fcb830a6-kb4014577msft-kb4019110-9555b727-40e6-42df-af70-2b07fcb830a6-kb4014589msft-kb4019110-9555b727-40e6-42df-af70-2b07fcb830a6-kb4014597msft-kb4019110-c1fd6397-2395-4def-baf9-797eaa02a634-kb4014577msft-kb4019110-c1fd6397-2395-4def-baf9-797eaa02a634-kb4014589msft-kb4019110-c1fd6397-2395-4def-baf9-797eaa02a634-kb4014597msft-kb4019111-0a54d88b-8d12-48bf-8259-a1156154e671-kb4014581msft-kb4019111-0a54d88b-8d12-48bf-8259-a1156154e671-kb4014587msft-kb4019111-0a54d88b-8d12-48bf-8259-a1156154e671-kb4014590msft-kb4019111-0a54d88b-8d12-48bf-8259-a1156154e671-kb4014595msft-kb4019111-2e2dc8c8-c324-4968-9461-1c5c6f1190c1-kb4014581msft-kb4019111-2e2dc8c8-c324-4968-9461-1c5c6f1190c1-kb4014587msft-kb4019111-2e2dc8c8-c324-4968-9461-1c5c6f1190c1-kb4014590msft-kb4019111-2e2dc8c8-c324-4968-9461-1c5c6f1190c1-kb4014595microsoft-windows-windows_server_2016-1607-kb4019472msft-kb4019472-970dc0b3-07a2-4434-8df0-9008dcdc9f36msft-kb4019472-bf47cd35-d39a-426f-8884-ffcd8bd9c49amsft-kb4019473-55f05839-b358-4f0d-bcef-683de665b62cmsft-kb4019473-e7400165-c486-4e3e-aabc-24d04ef1dbe6msft-kb4019474-15928377-0964-4b80-9021-1ab7230cc690msft-kb4019474-6964cf08-89cf-4a95-ace6-fdb7a423c09c
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.