CVE-2020-1045
11.09.2020, 17:15
<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p>Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| microsoft | asp.net_core | 2.1 ≤ 𝑥 ≤ 2.1.21 |
| microsoft | asp.net_core | 3.1 ≤ 𝑥 < 3.1.8 |
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux_aus | 8.2 |
| redhat | enterprise_linux_aus | 8.4 |
| redhat | enterprise_linux_aus | 8.6 |
| redhat | enterprise_linux_eus | 8.2 |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_eus | 8.6 |
| redhat | enterprise_linux_tus | 8.2 |
| redhat | enterprise_linux_tus | 8.4 |
| redhat | enterprise_linux_tus | 8.6 |
𝑥
= Vulnerable software versions
Red Hat Enterprise Linux Releases
Red Hat Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| aspnetcore-runtime-3.1 |
| ||||||||||
| aspnetcore-targeting-pack-3.1 |
| ||||||||||
| dotnet |
| ||||||||||
| dotnet-apphost-pack-3.1 |
| ||||||||||
| dotnet-host |
| ||||||||||
| dotnet-hostfxr-3.1 |
| ||||||||||
| dotnet-runtime-3.1 |
| ||||||||||
| dotnet-sdk-3.1 |
| ||||||||||
| dotnet-targeting-pack-3.1 |
| ||||||||||
| dotnet-templates-3.1 |
| ||||||||||
| netstandard-targeting-pack-2.1 |
|
References