Microsoft Iis Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Version

4.0102
5.088
5.134
3.020
6.012

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Remediation

Official Fix168
Temporary Fix0
Workaround8
Unavailable2
Not Defined14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploitability

High20
Functional0
Proof-of-Concept50
Unproven2
Not Defined120

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Access Vector

Not Defined0
Physical0
Local16
Adjacent0
Network176

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Authentication

Not Defined0
High0
Low24
None168

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

User Interaction

Not Defined0
Required18
None174

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

C3BM Index

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Base

≤10
≤20
≤30
≤410
≤514
≤694
≤718
≤844
≤92
≤1010

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Temp

≤10
≤20
≤30
≤414
≤530
≤688
≤734
≤816
≤94
≤106

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

VulDB

≤10
≤20
≤30
≤410
≤516
≤692
≤718
≤844
≤92
≤1010

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤72
≤82
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit 0-day

<1k0
<2k0
<5k0
<10k8
<25k102
<50k64
<100k18
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Today

<1k176
<2k0
<5k4
<10k8
<25k4
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Market Volume

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

🔴 CTI Activities

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Affected Versions (19): 1.0, 2.0, 2.5, 3.0, 4.0, 5.0, 5.06, 5.1, 6, 6.0, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 8.0, 8.5, 10

Link to Product Website: https://www.microsoft.com/

Software Type: Web Server

PublishedBaseTempVulnerability0dayTodayExpRemCTICVE
03/10/20207.47.1Microsoft IIS input validation$25k-$100k$5k-$25kNot DefinedOfficial Fix0.06CVE-2020-0645
06/11/20196.86.5Microsoft IIS Request Filter data processing$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2019-0941
03/27/20178.58.4Microsoft IIS WebDAV ScStoragePathFromUrl Immortal/ExploidingCan memory corruption$25k-$100k$0-$5kHighOfficial Fix0.00CVE-2017-7269
03/14/20175.24.7Microsoft IIS cross site scripting$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.24CVE-2017-0055
05/10/20167.87.6Microsoft IIS DLL Loader access control$25k-$100k$0-$5kNot DefinedOfficial Fix0.00CVE-2016-0152
11/28/20144.34.1Microsoft IIS Error Message mypage cross site scripting$5k-$25k$0-$5kHighWorkaround0.04
11/11/20146.55.7Microsoft IIS IP/Domain Restriction access control$25k-$100k$0-$5kUnprovenOfficial Fix0.41CVE-2014-4078
04/23/20146.56.5Microsoft IIS input validation$25k-$100k$5k-$25kNot DefinedNot Defined0.04CVE-2011-5279
11/13/20125.34.8Microsoft IIS FTP Command information disclosure$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.03CVE-2012-2532
11/13/20125.34.8Microsoft IIS Log File Permission information disclosure$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.05CVE-2012-2531
06/30/20126.55.9Microsoft IIS File Name Tilde privileges management$25k-$100k$0-$5kProof-of-ConceptOfficial Fix0.03CVE-2005-4360
12/22/20107.57.2Microsoft IIS FTP Server memory corruption$25k-$100k$0-$5kHighOfficial Fix0.03CVE-2010-3972
09/15/20107.37.0Microsoft IIS Access Restriction improper authentication$5k-$25k$0-$5kHighOfficial Fix0.00CVE-2010-2731
09/14/20105.95.7Microsoft IIS memory corruption$25k-$100k$0-$5kHighOfficial Fix0.07CVE-2010-1899
09/14/20107.37.0Microsoft IIS FastCGI memory corruption$25k-$100k$0-$5kNot DefinedOfficial Fix0.04CVE-2010-2730
06/08/20109.99.9Microsoft IIS code injection$25k-$100k$5k-$25kNot DefinedNot Defined0.03CVE-2010-1256
02/05/20104.34.3Microsoft IIS cross site scripting$5k-$25k$0-$5kNot DefinedNot Defined0.03CVE-2003-1582
12/29/20096.36.0Microsoft IIS asp:.jpg input validation$25k-$100k$0-$5kNot DefinedOfficial Fix0.06CVE-2009-4445
12/24/20095.45.1Microsoft IIS ASP input validation$25k-$100k$0-$5kProof-of-ConceptUnavailable0.03CVE-2009-4444
09/04/20097.57.2Microsoft IIS FTP Server resource management$5k-$25k$0-$5kHighOfficial Fix0.03CVE-2009-2521
06/10/20098.17.7Microsoft IIS improper authentication$25k-$100k$0-$5kHighOfficial Fix0.04CVE-2009-1122
06/10/20098.17.7Microsoft IIS Password Protection improper authentication$25k-$100k$0-$5kHighOfficial Fix0.04CVE-2009-1535
09/29/20089.89.8Microsoft iis ActiveX Control iisext.dll credentials management$25k-$100k$5k-$25kNot DefinedNot Defined0.04CVE-2008-4301
09/29/20085.35.3Microsoft iis ActiveX Control adsiis.dll input validation$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2008-4300
02/12/200810.09.0Microsoft IIS code injection$25k-$100k$0-$5kProof-of-ConceptOfficial Fix0.03CVE-2008-0075

167 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 167 results.

more entries by Microsoft

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!