Check: 2014-B-0138
Windows 2012 IAVM:
2014-B-0138
(in version v1 r30)
Title
Microsoft ASP.NET MVC Security Bypass Vulnerability (Cat II impact)
Discussion
Microsoft has released a security bulletin addressing a security bypass vulnerability in ASP.NET MVC. To exploit this vulnerability, an attacker would entice a user to open a malicious link via email sent or hosted webpage. If successfully exploited, the attacker would execute arbitrary code in the browser of an unsuspecting user in the context of the affected site and compromise the affected system.
Check Content
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-55467
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |