Description

A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability." This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2.

Remediation

References

CVE-2018-8171

Related Vulnerabilities

Ruby Interpretation Conflict Vulnerability (CVE-2021-33621)

Apache HTTP Server CVE-2009-3720 Vulnerability (CVE-2009-3720)

MySQL Integer Overflow or Wraparound Vulnerability (CVE-2017-3599)

Kong Server Incorrect Authorization Vulnerability (CVE-2021-27306)

WordPress Plugin AdWizz 'link' Parameter Cross-Site Scripting (1.0)

Severity

High

Classification

CVE-2018-8171 CWE-287 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities