Описание
.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly handling web requests, aka ".NET CORE Denial Of Service Vulnerability".
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:aspnetcore:1.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:aspnetcore:1.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:aspnetcore:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.16008
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
redhat
больше 7 лет назад
.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly handling web requests, aka ".NET CORE Denial Of Service Vulnerability".
EPSS
Процентиль: 94%
0.16008
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo