.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-30105

7.5HIGH

Key Information:

Vendor: Microsoft
Status: .net 8.0; Powershell 7.4; Microsoft Visual Studio 2022 Version 17.4; Microsoft Visual Studio 2022 Version 17.6
Vendor: CVE Published:; 9 July 2024

Summary

A Denial of Service vulnerability has been identified in the .NET Framework and Visual Studio, which could allow an attacker to cause the application to become unresponsive. This flaw, present in certain versions of both .NET and Visual Studio, may be exploited under specific conditions, leading to potential service interruptions for users. Organizations utilizing these tools need to be aware of this vulnerability and assess their risk, implementing any recommended security updates to mitigate exposure.

Affected Version(s)

.NET 8.0 Unknown 1.0.0 < 8.0.7

Microsoft Visual Studio 2022 version 17.10 Unknown 17.10 < 17.10.4

Microsoft Visual Studio 2022 version 17.4 Unknown 17.4.0 < 17.4.21

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 9, 2024

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed