Microsoft Iis Sårbarheter

Tidslinje

Version

4.092
5.090
5.134
3.026
6.010

Åtgärd

Official Fix174
Temporary Fix0
Workaround6
Unavailable2
Not Defined10

Utnyttjbarhet

High22
Functional0
Proof-of-Concept48
Unproven0
Not Defined122

Åtkomstvektor

Not Defined0
Physical0
Local22
Adjacent4
Network166

Autentisering

Not Defined0
High0
Low26
None166

Användarinteraktion

Not Defined0
Required14
None178

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤418
≤520
≤678
≤714
≤844
≤98
≤1010

CVSSv3 Temp

≤10
≤20
≤32
≤424
≤526
≤670
≤738
≤822
≤92
≤108

VulDB

≤10
≤20
≤30
≤418
≤522
≤678
≤712
≤844
≤98
≤1010

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤72
≤86
≤90
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Säljare

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤84
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Utnyttja 0-dagars

<1k0
<2k0
<5k0
<10k8
<25k98
<50k72
<100k14
≥100k0

Utnyttja idag

<1k180
<2k0
<5k4
<10k6
<25k2
<50k0
<100k0
≥100k0

Utnyttja marknadsvolymen

🔴 CTI Aktiviteter

Affected Versions (19): 1.0, 2.0, 2.5, 3.0, 4.0, 5.0, 5.06, 5.1, 6, 6.0, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 8.0, 8.5, 10

Link to Product Website: https://www.microsoft.com/

Programvarutyp: Web Server

PubliceradBaseTempSårbarhet0dayI dagUtnRemCTICVE
10/03/20207.47.1Microsoft IIS privilegier eskalering$25k-$100k$5k-$25kNot DefinedOfficial Fix0.02CVE-2020-0645
11/06/20196.86.5Microsoft IIS Request Filter förnekande av tjänsten$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2019-0941
27/03/20178.58.4Microsoft IIS WebDAV ScStoragePathFromUrl Immortal/ExploidingCan minneskorruption$25k-$100k$0-$5kHighOfficial Fix0.04CVE-2017-7269
14/03/20175.24.7Microsoft IIS cross site scripting$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.02CVE-2017-0055
10/05/20167.87.6Microsoft IIS DLL Loader privilegier eskalering$25k-$100kBeräknandeNot DefinedOfficial Fix0.03CVE-2016-0152
28/11/20144.34.1Microsoft IIS Error Message mypage cross site scripting$5k-$25kBeräknandeHighWorkaround0.00
11/11/20146.55.7Microsoft IIS IP/Domain Restriction privilegier eskalering$25k-$100k$0-$5kUnprovenOfficial Fix0.09CVE-2014-4078
23/04/20146.56.5Microsoft IIS privilegier eskalering$25k-$100k$5k-$25kNot DefinedNot Defined0.00CVE-2011-5279
13/11/20125.34.8Microsoft IIS FTP Command informationsgivning$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2012-2532
13/11/20125.34.8Microsoft IIS Log File Permission informationsgivning$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.05CVE-2012-2531
30/06/20126.55.9Microsoft IIS File Name Tilde privilegier eskalering$25k-$100k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2005-4360
22/12/20107.57.2Microsoft IIS FTP Server minneskorruption$25k-$100k$0-$5kHighOfficial Fix0.04CVE-2010-3972
15/09/20107.37.0Microsoft IIS Access Restriction svag autentisering$5k-$25k$0-$5kHighOfficial Fix0.02CVE-2010-2731
14/09/20105.95.7Microsoft IIS minneskorruption$25k-$100k$0-$5kHighOfficial Fix0.00CVE-2010-1899
14/09/20107.37.0Microsoft IIS FastCGI minneskorruption$25k-$100k$0-$5kNot DefinedOfficial Fix0.03CVE-2010-2730
08/06/20109.99.9Microsoft IIS privilegier eskalering$25k-$100k$5k-$25kNot DefinedNot Defined0.02CVE-2010-1256
05/02/20104.34.3Microsoft IIS cross site scripting$5k-$25k$5k-$25kNot DefinedNot Defined0.03CVE-2003-1582
29/12/20096.36.0Microsoft IIS asp:.jpg privilegier eskalering$25k-$100k$0-$5kNot DefinedOfficial Fix0.02CVE-2009-4445
24/12/20095.45.1Microsoft IIS ASP privilegier eskalering$25k-$100k$5k-$25kProof-of-ConceptUnavailable0.03CVE-2009-4444
04/09/20097.57.2Microsoft IIS FTP Server förnekande av tjänsten$5k-$25kBeräknandeHighOfficial Fix0.03CVE-2009-2521
10/06/20098.17.7Microsoft IIS svag autentisering$25k-$100kBeräknandeHighOfficial Fix0.00CVE-2009-1122
10/06/20098.17.7Microsoft IIS Password Protection svag autentisering$25k-$100k$0-$5kHighOfficial Fix0.02CVE-2009-1535
29/09/20089.89.8Microsoft iis ActiveX Control iisext.dll privilegier eskalering$25k-$100k$5k-$25kNot DefinedNot Defined0.00CVE-2008-4301
29/09/20085.35.3Microsoft iis ActiveX Control adsiis.dll privilegier eskalering$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2008-4300
12/02/200810.09.0Microsoft IIS privilegier eskalering$25k-$100k$0-$5kProof-of-ConceptOfficial Fix0.03CVE-2008-0075

167 fler poster visas inte

fler inlägg av Microsoft

Might our Artificial Intelligence support you?

Check our Alexa App!