CVE-2025-7326

High

Weak authentication in EOL ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. NOTE: This CVE affects only…

36c7be3b-2937-45df-85ea-ca7133ea542c·CWE-1390·Published 2025-07-08

CVSS

7.0

EPSS

0.01

KEV

Exploits

cve.orgen

281 chars

Weak authentication in EOL ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry.

NVDen

281 chars

NVDes

319 chars

La autenticación débil en EOL ASP.NET Core permite a un atacante no autorizado elevar privilegios en una red. NOTA: Esta CVE solo afecta a los componentes de software al final de su vida útil (EOL). El proveedor, Microsoft, ha indicado que no se ofrecerán actualizaciones ni soporte técnico en el futuro si se solicita.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.0	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
3.1	Secondary	NVD	7.0	2.2	4.7	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H