Home

CVE-2020-1161

Description

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka ASP.NET Core Denial of Service Vulnerability.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
4.127

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Microsoft Visual Studio Community 2017 15.9Windows
Vulnerabilities CVE-2020-1108,CVE-2020-1161 are affected in Microsoft Visual Studio Community 2019 16.5Windows
Multiple Vulnerabilities are affected in Microsoft Visual Studio Enterprise 2017 15.9Windows
Vulnerabilities CVE-2020-1108,CVE-2020-1161 are affected in Microsoft Visual Studio Enterprise 2019 16.5Windows
Multiple Vulnerabilities are affected in Microsoft Visual Studio Professional 2017 15.9Windows
Vulnerabilities CVE-2020-1108,CVE-2020-1161 are affected in Microsoft Visual Studio Professional 2019 16.5Windows
Vulnerabilities CVE-2020-1161 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.win-arm 3.1.4Windows
Vulnerabilities CVE-2020-1161 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.linux-arm 3.1.4Windows
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-arm64 3.1.4Windows
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-musl-x64 3.1.4Windows
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-x64 3.1.4Windows
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.osx-x64 3.1.4Windows
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x64 3.1.4Windows
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x86 3.1.4Windows
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 3.1.4Windows
(RHSA-2020:2250) dotnet3.1 security update aspnetcore-runtime-3.1-3.1.4-2.el8_2.x86_64.rpmLinux
(RHSA-2020:2250) dotnet3.1 security update aspnetcore-targeting-pack-3.1-3.1.4-2.el8_2.x86_64.rpmLinux
(RHSA-2020:2250) dotnet3.1 security update dotnet-3.1.104-2.el8_2.x86_64.rpmLinux
(RHSA-2020:2250) dotnet3.1 security update dotnet-apphost-pack-3.1-3.1.4-2.el8_2.x86_64.rpmLinux
(RHSA-2020:2250) dotnet3.1 security update dotnet-host-3.1.4-2.el8_2.x86_64.rpmLinux
(RHSA-2020:2250) dotnet3.1 security update dotnet-hostfxr-3.1-3.1.4-2.el8_2.x86_64.rpmLinux
(RHSA-2020:2250) dotnet3.1 security update dotnet-runtime-3.1-3.1.4-2.el8_2.x86_64.rpmLinux
(RHSA-2020:2250) dotnet3.1 security update dotnet-sdk-3.1-3.1.104-2.el8_2.x86_64.rpmLinux
(RHSA-2020:2250) dotnet3.1 security update dotnet-targeting-pack-3.1-3.1.4-2.el8_2.x86_64.rpmLinux
(RHSA-2020:2250) dotnet3.1 security update dotnet-templates-3.1-3.1.104-2.el8_2.x86_64.rpmLinux
(RHSA-2020:2250) dotnet3.1 security update dotnet3.1-debugsource-3.1.104-2.el8_2.x86_64.rpmLinux
(RHSA-2020:2250) dotnet3.1 security update netstandard-targeting-pack-2.1-3.1.104-2.el8_2.x86_64.rpmLinux
Vulnerabilities CVE-2020-1161 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.win-arm for Linux 3.1.4Linux
Vulnerabilities CVE-2020-1161 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.linux-arm for Linux 3.1.4Linux
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-arm64 for Linux 3.1.4Linux
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-musl-x64 for Linux 3.1.4Linux
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-x64 for Linux 3.1.4Linux
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.osx-x64 for Linux 3.1.4Linux
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x64 for Linux 3.1.4Linux
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x86 for Linux 3.1.4Linux
Vulnerabilities CVE-2020-1161 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 for Linux 3.1.4Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234