Vulnerability CVE-2020-1597: Information

Description

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application. The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-1597
Published: Aug. 17, 2020
Modified: Jan. 19, 2024

References to Advisories, Solutions, and Tools

Hyperlink
Resource
N/A
  • Patch
  • Vendor Advisory
FEDORA-2020-cad5d17c6d
    FEDORA-2020-9ddf1aa50b

        1. Configuration 1

          cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*
          cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*
          cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
          Start including
          16.0
          End including
          16.3
          cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
          Start including
          15.0
          End including
          15.8
          cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
          Start including
          16.5
          End including
          16.6

          Configuration 2

          cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
          cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v24.5.1
      Back to top