ASP.NET Security Feature Bypass Vulnerability_CVE-2025-55315

9.9 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L/E:U/RL:O/RC:C

Basic Information

ID CVE-2025-55315

Source microsoft

Published Oct 14, 2025 at 17:00

Modified Oct 14, 2025 at 18:49

Affected Product

Vendor Microsoft

Product ASP.NET Core 8.0

Version 8.0

Affected Versions Microsoft ASP.NET Core 8.0 8.0
Microsoft ASP.NET Core 9.0 9.0
Microsoft ASP.NET Core 2.3 2.3
Microsoft Microsoft Visual Studio 2022 version 17.12 17.12.0
Microsoft Microsoft Visual Studio 2022 version 17.10 17.10.0
Microsoft Microsoft Visual Studio 2022 version 17.14 17.14.0

CWE Classification

CWE-444

References

msrc.microsoft.com /update-guide/vulnerability/CVE-2025-55315

{
    "lastseen": "",
    "description": "",
    "published": "2025-10-14T17:00:10.371Z",
    "modified": "2025-10-14T18:49:28.128Z",
    "type": "cve",
    "title": "ASP.NET Security Feature Bypass Vulnerability",
    "source": "microsoft",
    "references": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55315",
    "id": "CVE-2025-55315",
    "bulletinFamily": "",
    "cwe": [
        "CWE-444"
    ],
    "cvelist": null,
    "sourceData": "Microsoft ASP.NET Core 8.0 8.0\nMicrosoft ASP.NET Core 9.0 9.0\nMicrosoft ASP.NET Core 2.3 2.3\nMicrosoft Microsoft Visual Studio 2022 version 17.12 17.12.0\nMicrosoft Microsoft Visual Studio 2022 version 17.10 17.10.0\nMicrosoft Microsoft Visual Studio 2022 version 17.14 17.14.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.9,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L/E:U/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ASP.NET Core 8.0",
    "version": "8.0",
    "vendor": "Microsoft",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Basic Information

Affected Product

CWE Classification

References

💭 Join the Security Discussion ❌ Cancel Reply