{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T15:07:35.469","vulnerabilities":[{"cve":{"id":"CVE-2017-0248","sourceIdentifier":"secure@microsoft.com","published":"2017-05-12T14:29:03.973","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka \".NET Security Feature Bypass Vulnerability.\""},{"lang":"es","value":"Microsoft .NET Framework versiones 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 y 4.7, permiten a un atacante omitir las etiquetas de Enhanced Security Usage cuando presentan un certificado que no es válido para un uso específico, también se conoce como \".NET Security Feature Bypass Vulnerability.\""}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*","matchCriteriaId":"42A6DF09-B8E1-414D-97E7-453566055279"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*","matchCriteriaId":"E039CE1F-B988-4741-AE2E-5B36E2AF9688"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*","matchCriteriaId":"8EDC4407-7E92-4E60-82F0-0C87D1860D3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*","matchCriteriaId":"40B3A045-B08A-44E0-91BE-726753F6A362"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*","matchCriteriaId":"280FE663-23BE-45D2-9B31-5F577E390B48"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*","matchCriteriaId":"FF0B660D-1F30-4D45-B98B-726EDB8CB90F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*","matchCriteriaId":"A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*","matchCriteriaId":"734112B3-1383-4BE3-8721-C0F84566B764"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/98117","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038458","source":"secure@microsoft.com"},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0248","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/98117","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038458","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0248","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}