|Title:||.NET Core Information Disclosure Vulnerability Oct18 (Windows)|
|Summary:||This host is installed with .NET Core; and is prone to information disclosure vulnerability.|
This host is installed with .NET Core
and is prone to information disclosure vulnerability.
The flaw exists when .NET Core when HTTP
authentication information is inadvertently exposed in an outbound request that
encounters an HTTP redirect.
Successful exploitation will allow attackers
to disclose sensitive information and use the information to further compromise
the web application.
.NET Core 1.0.x runtime 1.0.12 or lower,
.NET Core 1.1.x runtime 1.1.9 or lower,
.NET Core 2.0.x runtime,
.NET Core SDK prior to version 1.1.11.
Upgrade to 1.0.13, 1.1.10 or 2.1 or later for
.NET Core runtimes and to 1.1.11 for .NET Core SDK.
For updates refer to Reference links.
Common Vulnerability Exposure (CVE) ID: CVE-2018-8292|
RedHat Security Advisories: RHSA-2018:2902
BugTraq ID: 105548
|Copyright||Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.