CVE-2021-41355: .NET Core and Visual Studio Information Disclosure Vulnerability
An Information Disclosure vulnerability exists in .NET where System.DirectoryServices.Protocols.LdapConnection may send credentials in plain text on non-Windows Operating systems.
CVE-2021-41355 impacts users of PowerShell 7.1.
To check the PowerShell version you are running and determine if you are vulnerable to attacks exploiting these two bugs, you can execute the pwsh -v command from a Command Prompt.
Admins are advised to install the updated PowerShell 7.0.8 and 7.1.5 versions as soon as possible to protect systems from potential attacks.
Please check the references/vendor advisory for more information.
02 Nov 2022 - Security Advisories & Alerts
20 Oct 2022 - Security Advisories & Alerts