.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-38168

7.5HIGH

Key Information:

Vendor: Microsoft
Status: .net 8.0; Microsoft Visual Studio 2022 Version 17.6; Microsoft Visual Studio 2022 Version 17.10; Microsoft Visual Studio 2022 Version 17.8
Vendor: CVE Published:; 13 August 2024

Summary

A Denial of Service vulnerability exists in the .NET Framework and Visual Studio, which may allow an attacker to disrupt the normal operation of applications built with these tools. Exploitation of this vulnerability could lead to crashes or unresponsive systems, impairing user experience and potentially impacting critical business functions. Mitigation strategies and updates are necessary to ensure robust protection against this vulnerability.

Affected Version(s)

.NET 8.0 Unknown 1.0.0 < 8.0.8

Microsoft Visual Studio 2022 version 17.10 Unknown 17.10 < 17.10.6

Microsoft Visual Studio 2022 version 17.6 Unknown 17.6.0 < 17.6.18

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 13, 2024
Vulnerability Reserved
Jun 11, 2024

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed