CVE-2020-0602
Description
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka ASP.NET Core Denial of Service Vulnerability.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
4.034
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App 3.1.1 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App 3.0.1 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App 2.1.15 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.Http.Connections 1.0.15 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.win-arm 3.1.1 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget-Microsoft.AspNetCore.All 2.1.15 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.linux-arm 3.1.1 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-arm64 3.1.1 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-musl-x64 3.1.1 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-x64 3.1.1 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.osx-x64 3.1.1 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x64 3.1.1 | Windows |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x86 3.1.1 | Windows |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update aspnetcore-runtime-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update aspnetcore-targeting-pack-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-3.0.102-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-apphost-pack-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-host-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-hostfxr-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-runtime-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-sdk-3.0-3.0.102-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-targeting-pack-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-templates-3.0-3.0.102-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet3.0-debugsource-3.0.102-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update netstandard-targeting-pack-2.1-3.0.102-2.el8_1.x86_64.rpm | Linux |
| (CESA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update aspnetcore-runtime-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (CESA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update aspnetcore-targeting-pack-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (CESA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-apphost-pack-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (CESA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-host-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (CESA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-hostfxr-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (CESA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-runtime-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (CESA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-sdk-3.0-3.0.102-2.el8_1.x86_64.rpm | Linux |
| (CESA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-targeting-pack-3.0-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (CESA-2020:0130) .NET Core on Red Hat Enterprise Linux security and bug fix update dotnet-templates-3.0-3.0.102-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130)Critical: Core on Red Hat Enterprise Linux security and bug fix update dotnet-apphost-pack-3.0-debuginfo-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130)Critical: Core on Red Hat Enterprise Linux security and bug fix update dotnet-host-debuginfo-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130)Critical: Core on Red Hat Enterprise Linux security and bug fix update dotnet-hostfxr-3.0-debuginfo-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130)Critical: Core on Red Hat Enterprise Linux security and bug fix update dotnet-runtime-3.0-debuginfo-3.0.2-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130)Critical: Core on Red Hat Enterprise Linux security and bug fix update dotnet-sdk-3.0-debuginfo-3.0.102-2.el8_1.x86_64.rpm | Linux |
| (RHSA-2020:0130)Critical: Core on Red Hat Enterprise Linux security and bug fix update dotnet3.0-debuginfo-3.0.102-2.el8_1.x86_64.rpm | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App for Linux 3.1.1 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App for Linux 3.0.1 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App for Linux 2.1.15 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.Http.Connections for Linux 1.0.15 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.win-arm for Linux 3.1.1 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget-Microsoft.AspNetCore.All for Linux 2.1.15 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.linux-arm for Linux 3.1.1 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-arm64 for Linux 3.1.1 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-musl-x64 for Linux 3.1.1 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-x64 for Linux 3.1.1 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.osx-x64 for Linux 3.1.1 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x64 for Linux 3.1.1 | Linux |
| Vulnerabilities CVE-2020-0602,CVE-2020-0603 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x86 for Linux 3.1.1 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234