Denial of Service Vulnerability in ASP.NET Core by Microsoft
CVE-2019-0982

7.5HIGH

Key Information:

Vendor: Microsoft
Status: Asp.net Core
Vendor: CVE Published:; 16 May 2019

Summary

A denial of service vulnerability in ASP.NET Core arises when the framework inadequately processes web requests, leading to potential service interruptions. This flaw can be exploited by attackers to overwhelm the server with requests, resulting in degraded performance or complete service outages. Organizations using affected versions of ASP.NET Core should apply security updates promptly to mitigate this risk.

Affected Version(s)

ASP.NET Core 2.1

ASP.NET Core 2.2

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 16, 2019
Vulnerability Reserved
Nov 26, 2018