CVE-2021-43877 vulnerability in Microsoft Products
Published on December 15, 2021

ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability

ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability

NVD

Products Associated with CVE-2021-43877

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft ASP.NET Core

Microsoft Visual Studio 2019

Microsoft Visual Studio 2022

Affected Versions

Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6):

Version 16.0.0 and below 16.7.23 is affected.

Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8):

Version 15.0.0 and below 16.9.15 is affected.

Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10):

Version 16.11.0 and below 16.11.8 is affected.

Microsoft Visual Studio 2022 version 17.0:

Version 17.0.0 and below 17.0.3 is affected.

Microsoft ASP.NET Core 3.1:

Version 3.0 and below 3.1.22 is affected.

Microsoft ASP.NET Core 5.0:

Version 5.0 and below 5.0.13 is affected.

Microsoft ASP.NET Core 6.0:

Version 6.0 and below 6.0.101 is affected.

Microsoft Visual Studio 2022 version 17.1:

Version 17.0.0 and below 17.1.4 is affected.

Exploit Probability

EPSS

0.68%

Percentile

71.37%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-43877 vulnerability in Microsoft ProductsPublished on December 15, 2021

Products Associated with CVE-2021-43877

Affected Versions

Exploit Probability

CVE-2021-43877 vulnerability in Microsoft Products
Published on December 15, 2021