Описание
Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker to send specially crafted requests to a .NET web application, resulting in denial of service, aka .NET Denial of Service Vulnerability.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.18597
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 5.3
redhat
больше 7 лет назад
Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker to send specially crafted requests to a .NET web application, resulting in denial of service, aka .NET Denial of Service Vulnerability.
CVSS3: 7.5
github
около 3 лет назад
Improper Input Validation in Microsoft.NETCore.App
EPSS
Процентиль: 95%
0.18597
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-20