CVE-2020-0603

A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
microsoftCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
VendorProductVersion
microsoftasp.net_core
2.1
microsoftasp.net_core
3.0
microsoftasp.net_core
3.1
redhatenterprise_linux
8.0
redhatenterprise_linux_eus
8.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2020:0130
https://access.redhat.com/errata/RHSA-2020:0134
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0603
https://access.redhat.com/errata/RHSA-2020:0130
https://access.redhat.com/errata/RHSA-2020:0134
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0603