EOL ASP.NET Core Elevation of Privilege Vulnerability

July 8, 2025 invoker category_cve

CVE Details

Basic Information

Title EOL ASP.NET Core Elevation of Privilege Vulnerability
Type cve
Published 2025-07-08T14:31:45.633Z
Modified 2025-07-08T15:05:44.422Z

Product Information

Vendor Microsoft
Product ASP.NET Core
Version >=6.0.0

CVSS Information

Base Score 7.0 (HIGH)
Attack Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected Products

  • Microsoft ASP.NET Core >=6.0.0
  • Microsoft Microsoft.AspNetCore.Identity >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.win-arm >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.win-arm64 >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.win-x64 >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.win-x86 >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.linux-arm >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.linux-arm64 >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.linux-musl-arm >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.linux-musl-x64 >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.linux-x64 >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.osx-arm64 >=6.0.0
  • Microsoft Microsoft.AspNetCore.App.Runtime.osx-x64 >=6.0.0

Additional Information

CWE List CWE-1390
Source HeroDevs

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.