.NET 和 Visual Studio 特权提升漏洞

2023-12-01 14:45:55 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

CVE编号

CVE-2021-31204

利用情况

暂无

补丁情况

官方补丁

披露时间

2021-05-11

.NET and Visual Studio Elevation of Privilege Vulnerability

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31204
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31204

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	microsoft	.net	*	From (including) 5.0	Up to (including) 5.0.5
	运行在以下环境
	应用	microsoft	.net_core	*	From (including) 3.1	Up to (including) 3.1.14
	运行在以下环境
	应用	microsoft	visual_studio_2019	*	From (including) 16.0	Up to (excluding) 16.4.22
	运行在以下环境
	应用	microsoft	visual_studio_2019	*	From (including) 16.5.0	Up to (excluding) 16.7.15
	运行在以下环境
	应用	microsoft	visual_studio_2019	*	From (including) 16.8.0	Up to (excluding) 16.9.5
	运行在以下环境
	应用	microsoft	visual_studio_2019	8.9	-
	运行在以下环境
	系统	anolis_os_8	dotnet-hostfxr-3.1	*		Up to (excluding) 3.1.22-3.0.1
	运行在以下环境
	系统	anolis_os_8	dotnet-templates-5.0	*		Up to (excluding) 5.0.14-1.0.1
	运行在以下环境
	系统	centos_8	dotnet-targeting-pack-3.1	*		Up to (excluding) 5.0.6-1.el8_4
	运行在以下环境
	系统	fedora_32	aspnetcore-targeting-pack-5.0-5.0.6-1.fc32.x86_64.rpm (	*		Up to (excluding) 3.1.115-1.fc32
	运行在以下环境
	系统	fedora_33	dotnet-host-debuginfo-5.0.6-1.fc33.x86_64.rpm (	*		Up to (excluding) 3.1.115-1.fc33
	运行在以下环境
	系统	fedora_34	dotnet-sdk-5.0	*		Up to (excluding) 3.1.115-1.fc34
	运行在以下环境
	系统	oracle_8	oraclelinux-release	*		Up to (excluding) 5.0.6-1.0.1.el8_4
	运行在以下环境
	系统	redhat_8	dotnet-targeting-pack-3.1	*		Up to (excluding) 5.0.6-1.el8_4