Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.816557
Kategorie:Windows
Titel:.NET Core SDK Multiple Vulnerabilities (Jan 2020
Zusammenfassung:This host is installed with ASP.NET Core; SDK and is prone to multiple vulnerabilities.
Beschreibung:Summary:
This host is installed with ASP.NET Core
SDK and is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to,

- An error when ASP.NET Core improperly handles web requests.

- An error in ASP.NET Core software when the software fails to handle objects
in memory.

- Multiple errors in .NET software when the software fails to check the source markup
of a file.

Vulnerability Impact:
Successful exploitation will allow an attacker
to run arbitrary code in the context of the current user and conduct DoS attacks.

Affected Software/OS:
ASP.NET Core SDK 3.0.x prior to 3.0.102 and 3.1.x
prior to 3.1.101

Solution:
Upgrade to ASP.NET Core to 3.1.101 or 3.0.102 or later.
For updates refer the Reference link.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2020-0602
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0602
RedHat Security Advisories: RHSA-2020:0130
https://access.redhat.com/errata/RHSA-2020:0130
RedHat Security Advisories: RHSA-2020:0134
https://access.redhat.com/errata/RHSA-2020:0134
Common Vulnerability Exposure (CVE) ID: CVE-2020-0603
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0603
Common Vulnerability Exposure (CVE) ID: CVE-2020-0605
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0605
Common Vulnerability Exposure (CVE) ID: CVE-2020-0606
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0606
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.