admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2020/1xxx/CVE-2020-1476.json
CVE Team 6a5d923cef
"-Synchronized-Data."
2024-01-19 00:01:05 +00:00

196 lines
9.0 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-1476",
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on IIS improperly allow access to cached files. An attacker who successfully exploited this vulnerability could gain access to restricted files.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to an affected server.\nThe update addresses the vulnerability by changing how ASP.NET and .NET handle requests.\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft .NET Framework 4.8",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.8.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5 AND 4.8",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.8.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 2.0 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 4.5.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.0.0.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.0.0.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5 AND 4.7.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.7.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.0.0.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.5.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 4.6",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.0.0.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.5.0",
"version_value": "publication"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.5.0",
"version_value": "publication"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1476",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1476"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink