2020-08-17 11:56:03 -07:00
{
2024-01-04 02:01:19 +00:00
"data_version" : "4.0" ,
2020-08-17 20:02:38 +00:00
"data_type" : "CVE" ,
"data_format" : "MITRE" ,
"CVE_data_meta" : {
"ID" : "CVE-2020-1597" ,
2024-01-04 02:01:19 +00:00
"ASSIGNER" : "secure@microsoft.com" ,
2020-08-17 20:02:38 +00:00
"STATE" : "PUBLIC"
} ,
2024-01-04 02:01:19 +00:00
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "<p>A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.</p>\n<p>A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application.</p>\n<p>The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.</p>\n"
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "Denial of Service"
}
]
}
]
} ,
2020-08-17 20:02:38 +00:00
"affects" : {
"vendor" : {
"vendor_data" : [
{
2024-01-04 02:01:19 +00:00
"vendor_name" : "Microsoft" ,
2020-08-17 20:02:38 +00:00
"product" : {
"product_data" : [
{
"product_name" : "ASP.NET Core 2.1" ,
"version" : {
"version_data" : [
{
2024-01-04 02:01:19 +00:00
"version_affected" : "<" ,
"version_name" : "2.0" ,
"version_value" : "publication"
2020-08-17 20:02:38 +00:00
}
]
}
} ,
{
"product_name" : "ASP.NET Core 3.1" ,
"version" : {
"version_data" : [
{
2024-01-04 02:01:19 +00:00
"version_affected" : "<" ,
"version_name" : "3.0" ,
"version_value" : "publication"
2020-08-17 20:02:38 +00:00
}
]
}
} ,
{
"product_name" : "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)" ,
"version" : {
"version_data" : [
{
2024-01-04 02:01:19 +00:00
"version_affected" : "<" ,
"version_name" : "16.0" ,
"version_value" : "publication"
2020-08-17 20:02:38 +00:00
}
]
}
} ,
{
"product_name" : "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)" ,
"version" : {
"version_data" : [
{
2024-01-04 02:01:19 +00:00
"version_affected" : "<" ,
"version_name" : "15.9.0" ,
"version_value" : "publication"
2020-08-17 20:02:38 +00:00
}
]
}
} ,
{
"product_name" : "Microsoft Visual Studio 2019 version 16.0" ,
"version" : {
"version_data" : [
{
2024-01-04 02:01:19 +00:00
"version_affected" : "<" ,
"version_name" : "16.0" ,
"version_value" : "publication"
2020-08-17 20:02:38 +00:00
}
]
}
} ,
{
2024-01-04 02:01:19 +00:00
"product_name" : "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)" ,
2020-08-17 20:02:38 +00:00
"version" : {
"version_data" : [
{
2024-01-04 02:01:19 +00:00
"version_affected" : "<" ,
"version_name" : "16.0.0" ,
"version_value" : "publication"
2020-08-17 20:02:38 +00:00
}
]
}
}
]
2024-01-04 02:01:19 +00:00
}
2020-08-17 11:56:03 -07:00
}
]
}
2020-08-17 20:02:38 +00:00
} ,
"references" : {
"reference_data" : [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597" ,
"refsource" : "MISC" ,
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597"
2020-09-12 18:01:30 +00:00
} ,
{
2024-01-04 02:01:19 +00:00
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/" ,
"refsource" : "MISC" ,
"name" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/"
2020-09-25 20:01:35 +00:00
} ,
{
2024-01-04 02:01:19 +00:00
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/" ,
"refsource" : "MISC" ,
"name" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/"
2020-08-17 20:02:38 +00:00
}
]
}
}
