First published: Thu Jan 09 2020(Updated: )
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/aspnet core | <3.0.1 | 3.0.1 |
redhat/aspnet core | <3.1.1 | 3.1.1 |
Microsoft ASP.NET Core | =2.1 | |
Microsoft ASP.NET Core | =3.0 | |
Microsoft ASP.NET Core | =3.1 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux Eus | =8.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-0602 is high with a severity value of 7.5.
The denial of service vulnerability in ASP.NET Core occurs due to improper handling of web requests.
ASP.NET Core versions 2.1, 3.0, 3.0.1, and 3.1 are affected by CVE-2020-0602.
To fix CVE-2020-0602, update ASP.NET Core to version 3.0.1 or 3.1.1 depending on the installed version.
More information about CVE-2020-0602 can be found at the following references: - Microsoft Security Guidance Advisory: [link1] - ASP.NET GitHub Announcements: [link2] - Redhat Errata: [link3]