CVE-2024-20667 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-20667 PUBLISHED

Es bestehen mehrere Schwachstellen in den Developer Tools. Diese Fehler bestehen in den Anwendungen Microsoft ASP.NET, Microsoft Azure DevOps Server und Microsoft Visual Studio 2022. Diese Fehler sind noch nicht im Detail beschrieben. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen oder einen Denial-of-Service-Zustand zu verursachen.

EPSS 0.31% · 54.4th percentile

Risk Scores

EPSS Score

0.31%

54.4th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft Azure DevOps Server 2022.1
Microsoft	Microsoft Azure DevOps Server 2019.1.2
Red Hat	Red Hat Enterprise Linux
Microsoft	Microsoft Visual Studio 2022 version 17.8
Microsoft	Microsoft Azure Active Directory B2C
Microsoft	Microsoft Azure DevOps Server 2020.1.2
Microsoft	Microsoft Visual Studio 2022 version 17.4
Microsoft	Microsoft Azure Connected Machine Agent
Oracle	Oracle Linux
Microsoft	Microsoft Azure Stack Hub
RESF	RESF Rocky Linux
Microsoft	Microsoft ASP.NET Core 6.0
Microsoft	Microsoft ASP.NET Core 7.0
Microsoft	Microsoft ASP.NET Core 8.0
Microsoft	Microsoft Azure File Sync v17.0
Microsoft	Microsoft Azure File Sync v15.0
Microsoft	Microsoft Azure File Sync v14.0
Microsoft	Microsoft Azure Site Recovery
Microsoft	Microsoft Azure Kubernetes Service Confidential Containers
Microsoft	Microsoft Azure File Sync v16.0

…and 1 more

Timeline

Feb 13, 2024 CVE Published
Feb 14, 2024 EPSS Score
Mar 12, 2024 EPSS Score
Apr 7, 2024 EPSS Score
May 30, 2024 EPSS Score
Jun 26, 2024 EPSS Score
Jul 22, 2024 EPSS Score
Aug 18, 2024 EPSS Score
Sep 13, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Nov 5, 2024 EPSS Score
Dec 3, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0362.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0362 advisory
https://msrc.microsoft.com/update-guide advisory
https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0365.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0365 advisory
https://access.redhat.com/errata/RHSA-2024:0807 advisory
https://access.redhat.com/errata/RHSA-2024:0805 advisory
https://access.redhat.com/errata/RHSA-2024:0806 advisory
https://access.redhat.com/errata/RHSA-2024:0808 advisory
https://access.redhat.com/errata/RHSA-2024:0814 advisory
https://access.redhat.com/errata/RHSA-2024:0827 advisory
https://access.redhat.com/errata/RHSA-2024:0848 advisory
https://linux.oracle.com/errata/ELSA-2024-0805.html advisory
https://linux.oracle.com/errata/ELSA-2024-0806.html advisory
https://linux.oracle.com/errata/ELSA-2024-0807.html advisory
https://linux.oracle.com/errata/ELSA-2024-0808.html advisory
https://linux.oracle.com/errata/ELSA-2024-0848.html advisory
https://errata.build.resf.org/RLSA-2024:0806 advisory
https://errata.build.resf.org/RLSA-2024:0827 advisory
https://linux.oracle.com/errata/ELSA-2024-0827.html advisory

…and 6 more

Open in Interactive Console →