Vulnerability Name:

CVE-2011-3416 (CCN-72027)

Assigned:2011-12-29
Published:2011-12-29
Updated:2020-09-28
Summary:The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."
CVSS v3 Severity:8.0 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:8.5 High (CVSS v2 Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C)
6.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
8.5 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C)
6.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2011-3416

Source: CCN
Type: Packetstorm Security Website
Microsoft ASP.NET Forms Authentication Bypass

Source: CCN
Type: SA47323
Microsoft .NET Framework Multiple Vulnerabilities

Source: CCN
Type: Microsoft Security Bulletin MS11-100
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)

Source: CCN
Type: Microsoft Security Bulletin MS13-082
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2878890)

Source: CCN
Type: Microsoft Security Bulletin MS14-009
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2916607)

Source: CCN
Type: Microsoft Security Bulletin MS15-080
Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3078662)

Source: CCN
Type: Microsoft Security Bulletin MS15-097
Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3089656)

Source: CCN
Type: Microsoft Security Bulletin MS15-115
Security Update for Microsoft Windows to Address Remote Code Execution (3105864)

Source: CCN
Type: Microsoft Security Bulletin MS15-116
Security Updates for Microsoft Office to Address Remote Code Execution (3104540)

Source: CCN
Type: Microsoft Security Bulletin MS15-118
Security Updates for .NET Framework to Address Elevation of Privilege (3104507)

Source: CCN
Type: Microsoft Security Bulletin MS15-123
Security Update for Skype for Business and Lync to Address Information Disclosure (3105872)

Source: CCN
Type: Microsoft Security Bulletin MS15-128
Security Update for Microsoft Graphics Component to Address Remote Code Execution (3104503)

Source: CCN
Type: Microsoft Security Bulletin MS15-129
Security Update for Silverlight to Address Remote Code Execution (3106614)

Source: CCN
Type: Microsoft Security Bulletin MS15-131
Security Update for Microsoft Office to Address Remote Code Execution (3116111)

Source: CCN
Type: Microsoft Security Bulletin MS15-132
Security Update for Microsoft Windows to Address Remote Code Execution (3116162)

Source: CCN
Type: Microsoft Security Bulletin MS15-135
Security Update for Windows Kernel Mode Drivers to Address Elevation of Privilege (3119075)

Source: CCN
Type: Microsoft Security Bulletin MS16-004
Security Update for Microsoft Office to Address Remote Code Execution - Critical (3124585)

Source: CCN
Type: Microsoft Security Bulletin MS16-006
Security Update for Silverlight to Address Remote Code Execution (3126036)

Source: CCN
Type: Microsoft Security Bulletin MS16-008
Security Update for Kernel to Address Elevation of Privilege (3124605)

Source: CCN
Type: Microsoft Security Bulletin MS16-014
Security update for Microsoft Windows to Address Remote Code Execution (3134228)

Source: CCN
Type: Microsoft Security Bulletin MS16-015
Security Update for Microsoft Office to Address Remote Code Execution (3134226)

Source: CCN
Type: Microsoft Security Bulletin MS16-029
Security Update for Microsoft Office to Address Remote Code Execution (3141806)

Source: CCN
Type: Microsoft Security Bulletin MS16-031
Security Update for Microsoft Windows to Address Elevation of Privilege (3140410)

Source: CCN
Type: Microsoft Security Bulletin MS16-035
Security Update for .NET Framework to Address Security Feature Bypass (3141780)

Source: CCN
Type: Microsoft Security Bulletin MS16-042
Security Update for Microsoft Office (3148775)

Source: CCN
Type: Microsoft Security Bulletin MS16-044
Security Update for Windows OLE (3146706)

Source: CCN
Type: Microsoft Security Bulletin MS16-048
Security Update for CSRSS (3148528)

Source: CCN
Type: Microsoft Security Bulletin MS16-054
Security Update for Microsoft Office (3155544)

Source: CCN
Type: Microsoft Security Bulletin MS16-060
Security Update for Windows Kernel (3154846)

Source: CCN
Type: Microsoft Security Bulletin MS16-061
Security Update for Microsoft RPC (3155520)

Source: CCN
Type: Microsoft Security Bulletin MS16-070
Security Update for Office (3163610)

Source: CCN
Type: Microsoft Security Bulletin MS16-088
Security Updates for Office (3170008)

Source: CCN
Type: Microsoft Security Bulletin MS16-092
Security Update for Windows Kernel (3171910)

Source: CCN
Type: Microsoft Security Bulletin MS16-097
Security Update for Microsoft Graphics Component (3177393)

Source: CCN
Type: Microsoft Security Bulletin MS16-099
Security Update for Office (3177451)

Source: CCN
Type: Microsoft Security Bulletin MS16-106
Security Update for Microsoft Graphics Component (3185848)

Source: CCN
Type: Microsoft Security Bulletin MS16-107
Security Update for Microsoft Office (3185852)

Source: CCN
Type: Microsoft Security Bulletin MS16-109
Security Update for Silverlight (3182373)

Source: CCN
Type: Microsoft Security Bulletin MS16-111
Security Update for Windows Kernel (3186973)

Source: CCN
Type: Microsoft Security Bulletin MS16-120
Security Update for Microsoft Graphics Component (3192884)

Source: CCN
Type: Microsoft Security Bulletin MS16-121
Security Update for Microsoft Office (3194063)

Source: CCN
Type: Microsoft Security Bulletin MS16-122
Security Update for Microsoft Video Control (3195360)

Source: CCN
Type: Microsoft Security Bulletin MS16-123
Security Update for Kernel-Mode Drivers (3192892)

Source: CCN
Type: Microsoft Security Bulletin MS16-124
Security Update for Windows Registry (3193227)

Source: CCN
Type: Microsoft Security Bulletin MS16-126
Security Update for Microsoft Internet Messaging API (3196067)

Source: CCN
Type: Microsoft Security Bulletin MS16-131
Security Update for Microsoft Video Control (3199151)

Source: CCN
Type: Microsoft Security Bulletin MS16-133
Security Update for Microsoft Office (3199168)

Source: CCN
Type: Microsoft Security Bulletin MS16-139
Security Update for Windows Kernel (3199720)

Source: CCN
Type: Microsoft Security Bulletin MS16-148
Security Update for Microsoft Office (3204068)

Source: CCN
Type: Microsoft Security Bulletin MS16-155
Security Update for .NET Framework (3205640)

Source: CCN
Type: Microsoft Security Bulletin MS17-002
Security Update for Microsoft Office (3214291)

Source: CCN
Type: Microsoft Security Bulletin MS17-006
Cumulative Security Update for Internet Explorer (4013073)

Source: CCN
Type: Microsoft Security Bulletin MS17-013
Security Update for Microsoft Graphics Component (4013075)

Source: CCN
Type: Microsoft Security Bulletin MS17-014
Security Update for Microsoft Office (4013241)

Source: CCN
Type: BID-51201
Microsoft .NET Framework CVE-2011-3416 ASP.NET Forms Authentication Bypass Vulnerability

Source: CERT
Type: US Government Resource
TA11-347A

Source: MS
Type: UNKNOWN
MS11-100

Source: XF
Type: UNKNOWN
ms-aspnet-forms-auth-bypass(72027)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:14363

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_7:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x64:*
  • OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x86:*
  • OR cpe:/o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:sp3:unknown:english:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*
  • OR cpe:/a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*
  • OR cpe:/a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:*
  • OR cpe:/a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:.net_framework:4.0:-:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:14363
    V
    		ASP.Net Forms Authentication Bypass Vulnerability
    2014-08-18
    BACK
    microsoft windows 7 -
    microsoft windows 7 - sp1
    microsoft windows 7 - sp1
    microsoft windows server 2003 * sp2
    microsoft windows server 2008 * r2
    microsoft windows server 2008 * sp2
    microsoft windows server 2008 - sp2
    microsoft windows server 2008 - sp2
    microsoft windows server 2008 r2
    microsoft windows vista * sp2
    microsoft windows vista - sp2
    microsoft windows xp * sp2
    microsoft windows xp sp3 unknown
    microsoft .net framework 1.1 sp1
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows xp sp2
    microsoft windows server 2008 -
    microsoft windows xp sp3
    microsoft windows vista - sp2
    microsoft windows vista - sp2
    microsoft windows server 2008 sp2
    microsoft .net framework 2.0 sp2
    microsoft .net framework 3.5 sp1
    microsoft windows 7 -
    microsoft windows server 2008 - r2
    microsoft windows server 2008 r2
    microsoft windows server 2008
    microsoft .net framework 3.5.1
    microsoft .net framework 4.0
    microsoft windows 7 - sp1
    microsoft windows server 2008 r2 sp1
    microsoft windows server 2008 r2 sp1