CVE-2021-26423
HIGH.NET 5.0 < 5.0.8 and .NET Core 2.1 < 2.1.28 - Denial of Service
Title source: llmDescription
.NET Core and Visual Studio Denial of Service Vulnerability
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26423
Scores
CVSS v3
7.5
EPSS
0.0386
EPSS Percentile
89.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
Status
published
Products (40)
microsoft/.net
5.0 - 5.0.8
Microsoft/.NET 5.0
5.0.0 - 5.0.9
Microsoft/.NET Core 2.1
2.1 - 2.1.30
Microsoft/.NET Core 3.1
3.1 - 3.1.18
microsoft/.net_core
2.1 - 2.1.28
Microsoft/Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
15.9.0 - 15.9.38
Microsoft/Microsoft Visual Studio 2019 version 16.10 (includes 16.0 - 16.9)
16.10.0 - 16.10.5
Microsoft/Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)
16.0 - 16.4.25
Microsoft/Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
16.0.0 - 16.7.18
Microsoft/Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
15.0.0 - 16.9.10
... and 30 more
Published
Aug 12, 2021
Tracked Since
Feb 18, 2026