ASP.Net Forms Authentication Bypass Vulnerability

ASP.Net Forms Authentication Bypass Vulnerability

CVE-2011-3416 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:C

The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."

Learn more about our User Device Pen Test.