Home

CVE-2020-1597

Description

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application.The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
8.524

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Microsoft Visual Studio Community 2019 16.3Windows
Multiple Vulnerabilities are affected in Microsoft Visual Studio Community 2019 16.6Windows
Multiple Vulnerabilities are affected in Microsoft Visual Studio Enterprise 2019 16.3Windows
Multiple Vulnerabilities are affected in Microsoft Visual Studio Enterprise 2019 16.6Windows
Multiple Vulnerabilities are affected in Microsoft Visual Studio Professional 2019 16.3Windows
Multiple Vulnerabilities are affected in Microsoft Visual Studio Professional 2019 16.6Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App 2.1.21Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.win-arm 3.1.7Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget-Microsoft.AspNetCore.All 2.1.21Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.linux-arm 3.1.7Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-arm64 3.1.7Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-musl-x64 3.1.7Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-x64 3.1.7Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.osx-x64 3.1.7Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x64 3.1.7Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x86 3.1.7Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 3.1.7Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-arm64 3.1.7Windows
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App for Linux 2.1.21Linux
Vulnerabilities CVE-2020-1597 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.win-arm for Linux 3.1.7Linux
Vulnerabilities CVE-2020-1597 are fixed in Nuget-Microsoft.AspNetCore.All for Linux 2.1.21Linux
Vulnerabilities CVE-2020-1597 are fixed in Nuget-Microsoft.AspNetCore.App.Runtime.linux-arm for Linux 3.1.7Linux
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-arm64 for Linux 3.1.7Linux
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-musl-x64 for Linux 3.1.7Linux
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-x64 for Linux 3.1.7Linux
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.osx-x64 for Linux 3.1.7Linux
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x64 for Linux 3.1.7Linux
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-x86 for Linux 3.1.7Linux
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 for Linux 3.1.7Linux
Vulnerabilities CVE-2020-1597 are fixed in Nuget - Microsoft.AspNetCore.App.Runtime.win-arm64 for Linux 3.1.7Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234