QwikSec

Security Database

CVE

CWE

Training

CVE-2017-0248

Published: May 12, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability."

Vendor	Product	Versions
Microsoft Corporation	Microsoft .NET Framework	affected `Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7`

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0248

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.