CVE-2022-26832 — Vulnetix

CVE-2022-26832 PUBLISHED CVSS 7.5 HIGH

.NET Framework Denial of Service Vulnerability

EPSS 22.43% · 95.9th percentile

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

EPSS Score

22.43%

95.9th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft .NET Framework 3.0 Service Pack 2	3.0.0
Microsoft	Microsoft .NET Framework 3.5.1	3.5.0
Microsoft	Microsoft .NET Framework 3.5 AND 4.8	4.8.0
Microsoft	Microsoft .NET Framework 4.6	4.0.0.0
Microsoft	Microsoft .NET Framework 3.5 AND 4.7.2	4.7.0
Microsoft	Microsoft .NET Framework 2.0 Service Pack 2	2.0.0
Microsoft	Microsoft .NET Framework 4.5.2	4.0.0.0
microsoft	.net_framework	3.0, 3.5, 4.6
Microsoft	Microsoft .NET Framework 4.8	4.8.0
Microsoft	Microsoft .NET Framework 3.5	3.5.0
microsoft	.net	3.5.0, 3.5.0, 3.0.0
Microsoft	Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2	4.0.0.0
Microsoft	Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2	3.0.0.0

Timeline

Apr 12, 2022 CVE Published
Apr 16, 2022 EPSS Score
Jun 5, 2022 EPSS Score
Jul 26, 2022 EPSS Score
Nov 3, 2022 EPSS Score
Dec 23, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
Jul 12, 2023 EPSS Score
Aug 31, 2023 EPSS Score
Dec 9, 2023 EPSS Score
Jan 28, 2024 EPSS Score

References

.NET Framework Denial of Service Vulnerability vendor-advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26832 url
https://nvd.nist.gov/vuln/detail/CVE-2022-26832 advisory
https://msrc.microsoft.com/update-guide/ advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›