CVE-2022-41032

Summary

NuGet Client Elevation of Privilege Vulnerability

Affected Software

VendorProductVersion RangeStatus
Microsoft.NET 6.06.0.0 < 6.0.10affected
Microsoft.NET Core 3.13.1 < 3.1.30affected
MicrosoftMicrosoft Visual Studio 2022 version 17.217.2.0 < 17.2.9affected
MicrosoftMicrosoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)16.11.0 < 16.11.20affected
MicrosoftMicrosoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)15.0.0 < 16.9.26affected
MicrosoftMicrosoft Visual Studio 2022 version 17.017.0.0 < 17.0.15affected
MicrosoftMicrosoft Visual Studio 2022 version 17.317.0.0 < 17.3.6affected
MicrosoftVisual Studio 2022 for Mac version 17.317.3 < 17.3.7affected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References