CVE-2024-29059 (GCVE-0-2024-29059)
Vulnerability from cvelistv5
Published
2024-03-22 23:09
Modified
2025-02-04 17:20
Severity ?
EPSS score ?
Summary
.NET Framework Information Disclosure Vulnerability
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft .NET Framework 4.8 |
Version: 4.8.0 < 4.8.04690.02 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2025-02-04
Due date: 2025-02-25
Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Used in ransomware: Unknown
Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059 ; https://nvd.nist.gov/vuln/detail/CVE-2024-29059
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T01:03:51.634Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: ".NET Framework Information Disclosure Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2024-29059", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T15:47:39.403090Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2025-02-04", reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-02-04T17:20:23.685Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, timeline: [ { lang: "en", time: "2025-02-04T00:00:00+00:00", value: "CVE-2024-29059 added to CISA KEV", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { platforms: [ "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)", ], product: "Microsoft .NET Framework 4.8", vendor: "Microsoft", versions: [ { lessThan: "4.8.04690.02", status: "affected", version: "4.8.0", versionType: "custom", }, ], }, { platforms: [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", ], product: "Microsoft .NET Framework 3.5 AND 4.8", vendor: "Microsoft", versions: [ { lessThan: "4.8.04690.02", status: "affected", version: "4.8.0", versionType: "custom", }, ], }, { platforms: [ "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", ], product: "Microsoft .NET Framework 3.5 AND 4.7.2", vendor: "Microsoft", versions: [ { lessThan: "4.7.04081.03", status: "affected", version: "4.7.0", versionType: "custom", }, ], }, { platforms: [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)", ], product: "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", vendor: "Microsoft", versions: [ { lessThan: "4.7.04081.03", status: "affected", version: "4.7.0", versionType: "custom", }, ], }, { platforms: [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows 11 Version 23H2 for x64-based Systems", "Windows Server 2022, 23H2 Edition (Server Core installation)", ], product: "Microsoft .NET Framework 3.5 AND 4.8.1", vendor: "Microsoft", versions: [ { lessThan: "4.8.09214.01", status: "affected", version: "4.8.1", versionType: "custom", }, ], }, { platforms: [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)", ], product: "Microsoft .NET Framework 4.6.2", vendor: "Microsoft", versions: [ { lessThan: "4.7.04081.03", status: "affected", version: "4.7.0", versionType: "custom", }, ], }, { platforms: [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems", ], product: "Microsoft .NET Framework 3.5 AND 4.6/4.6.2", vendor: "Microsoft", versions: [ { lessThan: "10.0.10240.20402", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { platforms: [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", ], product: "Microsoft .NET Framework 2.0 Service Pack 2", vendor: "Microsoft", versions: [ { lessThan: "3.0.50727.8976", status: "affected", version: "2.0.0", versionType: "custom", }, ], }, { platforms: [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", ], product: "Microsoft .NET Framework 3.0 Service Pack 2", vendor: "Microsoft", versions: [ { lessThan: "3.0.50727.8976", status: "affected", version: "3.0.0", versionType: "custom", }, ], }, { platforms: [ "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)", ], product: "Microsoft .NET Framework 3.5", vendor: "Microsoft", versions: [ { lessThan: "3.0.50727.8976", status: "affected", version: "3.5.0", versionType: "custom", }, ], }, { platforms: [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", ], product: "Microsoft .NET Framework 3.5.1", vendor: "Microsoft", versions: [ { lessThan: "3.0.30729.8959", status: "affected", version: "3.5.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "4.8.04690.02", versionStartIncluding: "4.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "4.8.04690.02", versionStartIncluding: "4.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "4.7.04081.03", versionStartIncluding: "4.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "4.7.04081.03", versionStartIncluding: "4.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "4.8.09214.01", versionStartIncluding: "4.8.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "4.7.04081.03", versionStartIncluding: "4.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.10240.20402", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", versionEndExcluding: "3.0.50727.8976", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*", versionEndExcluding: "3.0.50727.8976", versionStartIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "3.0.50727.8976", versionStartIncluding: "3.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "3.0.30729.8959", versionStartIncluding: "3.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2024-03-22T07:00:00.000Z", descriptions: [ { lang: "en-US", value: ".NET Framework Information Disclosure Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-209", description: "CWE-209: Generation of Error Message Containing Sensitive Information", lang: "en-US", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-31T20:19:43.627Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: ".NET Framework Information Disclosure Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059", }, ], title: ".NET Framework Information Disclosure Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2024-29059", datePublished: "2024-03-22T23:09:05.745Z", dateReserved: "2024-03-14T23:05:27.954Z", dateUpdated: "2025-02-04T17:20:23.685Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { cisa_known_exploited: { cveID: "CVE-2024-29059", cwes: "[\"CWE-209\"]", dateAdded: "2025-02-04", dueDate: "2025-02-25", knownRansomwareCampaignUse: "Unknown", notes: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059 ; https://nvd.nist.gov/vuln/detail/CVE-2024-29059", product: ".NET Framework", requiredAction: "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", shortDescription: "Microsoft .NET Framework contains an information disclosure vulnerability that exposes the ObjRef URI to an attacker, ultimately enabling remote code execution.", vendorProject: "Microsoft", vulnerabilityName: "Microsoft .NET Framework Information Disclosure Vulnerability", }, fkie_nvd: { configurations: "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"23317443-1968-4791-9F20-AD3B308A83D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EF7A75E-EE27-4AA7-8D84-9D696728A4CE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61019899-D7AF-46E4-A72C-D189180F66AB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*\", \"matchCriteriaId\": \"306B7CE6-8239-4AED-9ED4-4C9F5B349F58\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB79EE26-FC32-417D-A49C-A1A63165A968\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"23317443-1968-4791-9F20-AD3B308A83D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D3F18AF-84ED-473B-A8DF-65EB23C475AF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61019899-D7AF-46E4-A72C-D189180F66AB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E332666-2E03-468E-BC30-299816D6E8ED\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F513002-D8C1-4D3A-9F79-4B52498F67E9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D8DC08D-A860-493A-8AA6-1AD4A0A511AD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB4AE761-6FAC-4000-A63D-42CE3FAB8412\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB79EE26-FC32-417D-A49C-A1A63165A968\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EDC4407-7E92-4E60-82F0-0C87D1860D3A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\", \"matchCriteriaId\": \"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB18C4CE-5917-401E-ACF7-2747084FD36E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"42A6DF09-B8E1-414D-97E7-453566055279\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D400E856-2B2E-4CEA-8CA5-309FDF371CEA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F422A8C-2C4E-42C8-B420-E0728037E15C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"23317443-1968-4791-9F20-AD3B308A83D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"280FE663-23BE-45D2-9B31-5F577E390B48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*\", \"matchCriteriaId\": \"A045AC0A-471E-444C-B3B0-4CABC23E8CFB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*\", \"matchCriteriaId\": \"28A7FEE9-B473-48A0-B0ED-A5CC1E44194C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F422A8C-2C4E-42C8-B420-E0728037E15C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"23317443-1968-4791-9F20-AD3B308A83D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"934D4E46-12C1-41DC-A28C-A2C430E965E4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F513002-D8C1-4D3A-9F79-4B52498F67E9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D8DC08D-A860-493A-8AA6-1AD4A0A511AD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB4AE761-6FAC-4000-A63D-42CE3FAB8412\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4793BFB-2E4E-4067-87A5-4B8749025CA3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_23h2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42D329B2-432D-4029-87EB-4C3C5F55CD95\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022_23h2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75CCACE6-A0EE-4A6F-BD5A-7AA504B02717\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"734112B3-1383-4BE3-8721-C0F84566B764\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36B0E40A-84EF-4099-A395-75D6B8CDA196\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EF7A75E-EE27-4AA7-8D84-9D696728A4CE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\", \"matchCriteriaId\": \"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB18C4CE-5917-401E-ACF7-2747084FD36E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D3F18AF-84ED-473B-A8DF-65EB23C475AF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61019899-D7AF-46E4-A72C-D189180F66AB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\", \"matchCriteriaId\": \"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB18C4CE-5917-401E-ACF7-2747084FD36E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \".NET Framework Information Disclosure Vulnerability\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de divulgaci\\u00f3n de informaci\\u00f3n de .NET Framework\"}]", id: "CVE-2024-29059", lastModified: "2025-01-08T18:33:02.303", metrics: "{\"cvssMetricV31\": [{\"source\": \"secure@microsoft.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}", published: "2024-03-23T00:15:09.150", references: "[{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]", sourceIdentifier: "secure@microsoft.com", vulnStatus: "Analyzed", weaknesses: "[{\"source\": \"secure@microsoft.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-209\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-209\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2024-29059\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2024-03-23T00:15:09.150\",\"lastModified\":\"2025-02-05T02:00:01.767\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\".NET Framework Information Disclosure Vulnerability\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de divulgación de información de .NET Framework\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"cisaExploitAdd\":\"2025-02-04\",\"cisaActionDue\":\"2025-02-25\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Microsoft .NET Framework Information Disclosure Vulnerability\",\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-209\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-209\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"23317443-1968-4791-9F20-AD3B308A83D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EF7A75E-EE27-4AA7-8D84-9D696728A4CE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61019899-D7AF-46E4-A72C-D189180F66AB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"306B7CE6-8239-4AED-9ED4-4C9F5B349F58\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB79EE26-FC32-417D-A49C-A1A63165A968\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"23317443-1968-4791-9F20-AD3B308A83D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D3F18AF-84ED-473B-A8DF-65EB23C475AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61019899-D7AF-46E4-A72C-D189180F66AB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E332666-2E03-468E-BC30-299816D6E8ED\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F513002-D8C1-4D3A-9F79-4B52498F67E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D8DC08D-A860-493A-8AA6-1AD4A0A511AD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB4AE761-6FAC-4000-A63D-42CE3FAB8412\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB79EE26-FC32-417D-A49C-A1A63165A968\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EDC4407-7E92-4E60-82F0-0C87D1860D3A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\",\"matchCriteriaId\":\"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB18C4CE-5917-401E-ACF7-2747084FD36E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"42A6DF09-B8E1-414D-97E7-453566055279\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D400E856-2B2E-4CEA-8CA5-309FDF371CEA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F422A8C-2C4E-42C8-B420-E0728037E15C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"23317443-1968-4791-9F20-AD3B308A83D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"280FE663-23BE-45D2-9B31-5F577E390B48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"A045AC0A-471E-444C-B3B0-4CABC23E8CFB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"28A7FEE9-B473-48A0-B0ED-A5CC1E44194C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F422A8C-2C4E-42C8-B420-E0728037E15C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"23317443-1968-4791-9F20-AD3B308A83D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"934D4E46-12C1-41DC-A28C-A2C430E965E4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F513002-D8C1-4D3A-9F79-4B52498F67E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D8DC08D-A860-493A-8AA6-1AD4A0A511AD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB4AE761-6FAC-4000-A63D-42CE3FAB8412\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4793BFB-2E4E-4067-87A5-4B8749025CA3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_23h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42D329B2-432D-4029-87EB-4C3C5F55CD95\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022_23h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75CCACE6-A0EE-4A6F-BD5A-7AA504B02717\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"734112B3-1383-4BE3-8721-C0F84566B764\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36B0E40A-84EF-4099-A395-75D6B8CDA196\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EF7A75E-EE27-4AA7-8D84-9D696728A4CE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\",\"matchCriteriaId\":\"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB18C4CE-5917-401E-ACF7-2747084FD36E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D3F18AF-84ED-473B-A8DF-65EB23C475AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61019899-D7AF-46E4-A72C-D189180F66AB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\",\"matchCriteriaId\":\"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB18C4CE-5917-401E-ACF7-2747084FD36E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059\", \"name\": \".NET Framework Information Disclosure Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T01:03:51.634Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-29059\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T15:47:39.403090Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2025-02-04\", \"reference\": \"https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-12T17:38:47.084Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-02-04T00:00:00+00:00\", \"value\": \"CVE-2024-29059 added to CISA KEV\"}]}], \"cna\": {\"title\": \".NET Framework Information Disclosure Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Microsoft .NET Framework 4.8\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.8.0\", \"lessThan\": \"4.8.04690.02\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows 10 Version 1607 for 32-bit Systems\", \"Windows 10 Version 1607 for x64-based Systems\", \"Windows Server 2016\", \"Windows Server 2016 (Server Core installation)\", \"Windows Server 2008 R2 for x64-based Systems Service Pack 1\", \"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)\", \"Windows Server 2012\", \"Windows Server 2012 (Server Core installation)\", \"Windows Server 2012 R2\", \"Windows Server 2012 R2 (Server Core installation)\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft .NET Framework 3.5 AND 4.8\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.8.0\", \"lessThan\": \"4.8.04690.02\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows 10 Version 1809 for 32-bit Systems\", \"Windows 10 Version 1809 for x64-based Systems\", \"Windows Server 2019\", \"Windows Server 2019 (Server Core installation)\", \"Windows Server 2022\", \"Windows Server 2022 (Server Core installation)\", \"Windows 11 version 21H2 for x64-based Systems\", \"Windows 11 version 21H2 for ARM64-based Systems\", \"Windows 10 Version 21H2 for 32-bit Systems\", \"Windows 10 Version 21H2 for ARM64-based Systems\", \"Windows 10 Version 21H2 for x64-based Systems\", \"Windows 10 Version 22H2 for x64-based Systems\", \"Windows 10 Version 22H2 for ARM64-based Systems\", \"Windows 10 Version 22H2 for 32-bit Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft .NET Framework 3.5 AND 4.7.2\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.7.0\", \"lessThan\": \"4.7.04081.03\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows 10 Version 1809 for x64-based Systems\", \"Windows Server 2019\", \"Windows Server 2019 (Server Core installation)\", \"Windows 10 Version 1607 for 32-bit Systems\", \"Windows 10 Version 1607 for x64-based Systems\", \"Windows Server 2016\", \"Windows Server 2016 (Server Core installation)\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.7.0\", \"lessThan\": \"4.7.04081.03\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows Server 2008 R2 for x64-based Systems Service Pack 1\", \"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)\", \"Windows Server 2012\", \"Windows Server 2012 (Server Core installation)\", \"Windows Server 2012 R2\", \"Windows Server 2012 R2 (Server Core installation)\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft .NET Framework 3.5 AND 4.8.1\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.8.1\", \"lessThan\": \"4.8.09214.01\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows Server 2022\", \"Windows Server 2022 (Server Core installation)\", \"Windows 11 version 21H2 for x64-based Systems\", \"Windows 11 version 21H2 for ARM64-based Systems\", \"Windows 10 Version 21H2 for 32-bit Systems\", \"Windows 10 Version 21H2 for ARM64-based Systems\", \"Windows 10 Version 21H2 for x64-based Systems\", \"Windows 11 Version 22H2 for ARM64-based Systems\", \"Windows 11 Version 22H2 for x64-based Systems\", \"Windows 10 Version 22H2 for x64-based Systems\", \"Windows 10 Version 22H2 for ARM64-based Systems\", \"Windows 10 Version 22H2 for 32-bit Systems\", \"Windows 11 Version 23H2 for ARM64-based Systems\", \"Windows 11 Version 23H2 for x64-based Systems\", \"Windows Server 2022, 23H2 Edition (Server Core installation)\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft .NET Framework 4.6.2\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.7.0\", \"lessThan\": \"4.7.04081.03\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows Server 2008 for 32-bit Systems Service Pack 2\", \"Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)\", \"Windows Server 2008 for x64-based Systems Service Pack 2\", \"Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft .NET Framework 3.5 AND 4.6/4.6.2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.10240.20402\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows 10 for 32-bit Systems\", \"Windows 10 for x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft .NET Framework 2.0 Service Pack 2\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.0\", \"lessThan\": \"3.0.50727.8976\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows Server 2008 for 32-bit Systems Service Pack 2\", \"Windows Server 2008 for x64-based Systems Service Pack 2\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft .NET Framework 3.0 Service Pack 2\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.50727.8976\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows Server 2008 for 32-bit Systems Service Pack 2\", \"Windows Server 2008 for x64-based Systems Service Pack 2\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft .NET Framework 3.5\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.5.0\", \"lessThan\": \"3.0.50727.8976\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows Server 2012\", \"Windows Server 2012 (Server Core installation)\", \"Windows Server 2012 R2\", \"Windows Server 2012 R2 (Server Core installation)\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft .NET Framework 3.5.1\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.5.0\", \"lessThan\": \"3.0.30729.8959\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows Server 2008 R2 for x64-based Systems Service Pack 1\", \"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)\"]}], \"datePublic\": \"2024-03-22T07:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059\", \"name\": \".NET Framework Information Disclosure Vulnerability\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \".NET Framework Information Disclosure Vulnerability\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-209\", \"description\": \"CWE-209: Generation of Error Message Containing Sensitive Information\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.8.04690.02\", \"versionStartIncluding\": \"4.8.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.8.04690.02\", \"versionStartIncluding\": \"4.8.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.7.04081.03\", \"versionStartIncluding\": \"4.7.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.7.04081.03\", \"versionStartIncluding\": \"4.7.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.8.09214.01\", \"versionStartIncluding\": \"4.8.1\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.7.04081.03\", \"versionStartIncluding\": \"4.7.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.10240.20402\", \"versionStartIncluding\": \"10.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"3.0.50727.8976\", \"versionStartIncluding\": \"2.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:sp2:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"3.0.50727.8976\", \"versionStartIncluding\": \"3.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"3.0.50727.8976\", \"versionStartIncluding\": \"3.5.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"3.0.30729.8959\", \"versionStartIncluding\": \"3.5.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2024-12-31T20:19:43.627Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-29059\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-04T17:20:23.685Z\", \"dateReserved\": \"2024-03-14T23:05:27.954Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2024-03-22T23:09:05.745Z\", \"assignerShortName\": \"microsoft\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.