Jul 2018:
CVE-2018-8171 Published on July 11, 2018

A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability." This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2.

NVD

Products Associated with CVE-2018-8171

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft ASP.NET Core

Microsoft Asp Net Mvc

Microsoft Asp Net Webpages

Microsoft Asp Net Model View Controller

Affected Versions

Microsoft ASP.NET:

Version Web Pages 3.2.3 on Microsoft Visual Studio 2013 Update 5 is affected.
Version Web Pages 3.2.3 on Microsoft Visual Studio 2015 Update 3 is affected.

Microsoft ASP.NET Core:

Version 1.0 is affected.
Version 1.1 is affected.
Version 2.0 is affected.

Microsoft ASP.NET MVC 5.2:

Version Microsoft Visual Studio 2013 Update 5 is affected.
Version Microsoft Visual Studio 2015 Update 3 is affected.

Exploit Probability

EPSS

16.31%

Percentile

94.70%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Jul 2018: CVE-2018-8171 Published on July 11, 2018

Products Associated with CVE-2018-8171

Affected Versions

Exploit Probability

Jul 2018:
CVE-2018-8171 Published on July 11, 2018