Vulnerabilites related to Microsoft - Microsoft Visual Studio 2019 version 16.5
cve-2020-0900
Vulnerability from cvelistv5
Published
2020-04-15 15:12
Modified
2024-08-04 06:18
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability exists when the Visual Studio Extension Installer Service improperly handles file operations, aka 'Visual Studio Extension Installer Service Elevation of Privilege Vulnerability'.
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0900 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2019 version 16.5 |
Version: unspecified |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:18:03.628Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0900", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Microsoft Visual Studio 2019 version 16.5", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2019", vendor: "Microsoft", versions: [ { status: "affected", version: "16.0", }, ], }, { product: "Microsoft Visual Studio", vendor: "Microsoft", versions: [ { status: "affected", version: "2015 Update 3", }, ], }, { product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, ], descriptions: [ { lang: "en", value: "An elevation of privilege vulnerability exists when the Visual Studio Extension Installer Service improperly handles file operations, aka 'Visual Studio Extension Installer Service Elevation of Privilege Vulnerability'.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T15:12:44", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0900", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@microsoft.com", ID: "CVE-2020-0900", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Microsoft Visual Studio 2019 version 16.5", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2019", version: { version_data: [ { version_value: "16.0", }, ], }, }, { product_name: "Microsoft Visual Studio", version: { version_data: [ { version_value: "2015 Update 3", }, ], }, }, { product_name: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", version: { version_data: [ { version_value: "", }, ], }, }, ], }, vendor_name: "Microsoft", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An elevation of privilege vulnerability exists when the Visual Studio Extension Installer Service improperly handles file operations, aka 'Visual Studio Extension Installer Service Elevation of Privilege Vulnerability'.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0900", refsource: "MISC", url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0900", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2020-0900", datePublished: "2020-04-15T15:12:44", dateReserved: "2019-11-04T00:00:00", dateUpdated: "2024-08-04T06:18:03.628Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-0899
Vulnerability from cvelistv5
Published
2020-04-15 15:12
Modified
2024-08-04 06:18
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions, aka 'Microsoft Visual Studio Elevation of Privilege Vulnerability'.
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0899 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2019 version 16.5 |
Version: unspecified |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:18:03.489Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0899", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Microsoft Visual Studio 2019 version 16.5", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2019", vendor: "Microsoft", versions: [ { status: "affected", version: "16.0", }, ], }, { product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, ], descriptions: [ { lang: "en", value: "An elevation of privilege vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions, aka 'Microsoft Visual Studio Elevation of Privilege Vulnerability'.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T15:12:44", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0899", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@microsoft.com", ID: "CVE-2020-0899", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Microsoft Visual Studio 2019 version 16.5", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2019", version: { version_data: [ { version_value: "16.0", }, ], }, }, { product_name: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", version: { version_data: [ { version_value: "", }, ], }, }, ], }, vendor_name: "Microsoft", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An elevation of privilege vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions, aka 'Microsoft Visual Studio Elevation of Privilege Vulnerability'.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0899", refsource: "MISC", url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0899", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2020-0899", datePublished: "2020-04-15T15:12:44", dateReserved: "2019-11-04T00:00:00", dateUpdated: "2024-08-04T06:18:03.489Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-1108
Vulnerability from cvelistv5
Published
2020-05-21 22:53
Modified
2024-08-04 06:25
Severity ?
EPSS score ?
Summary
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1108 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:25:01.017Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1108", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: ".NET Core", vendor: "Microsoft", versions: [ { status: "affected", version: "3.1", }, { status: "affected", version: "2.1", }, ], }, { product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2019", vendor: "Microsoft", versions: [ { status: "affected", version: "16.0", }, ], }, { product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2019 version 16.5", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: ".NET Core 5.0", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "PowerShell Core", vendor: "Microsoft", versions: [ { status: "affected", version: "6.2", }, ], }, { product: "PowerShell 7.0", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2", vendor: "Microsoft", versions: [ { status: "affected", version: "Windows 7 for 32-bit Systems Service Pack 1", }, { status: "affected", version: "Windows 7 for x64-based Systems Service Pack 1", }, { status: "affected", version: "Windows 8.1 for 32-bit systems", }, { status: "affected", version: "Windows 8.1 for x64-based systems", }, { status: "affected", version: "Windows RT 8.1", }, { status: "affected", version: "Windows Server 2008 R2 for x64-based Systems Service Pack 1", }, { status: "affected", version: "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", }, { status: "affected", version: "Windows Server 2012", }, { status: "affected", version: "Windows Server 2012 (Server Core installation)", }, { status: "affected", version: "Windows Server 2012 R2", }, { status: "affected", version: "Windows Server 2012 R2 (Server Core installation)", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for 32-bit Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for x64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows Server, version 1803 (Server Core Installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for 32-bit Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for x64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows Server 2016", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows 8.1 for 32-bit systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows 8.1 for x64-based systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows RT 8.1", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows Server 2012", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows Server 2012 R2", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for 32-bit Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for x64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1909 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for 32-bit Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for x64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1903 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "1903", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for 32-bit Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for x64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server, version 1803 (Server Core Installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 4.6", vendor: "Microsoft", versions: [ { status: "affected", version: "Windows Server 2008 for 32-bit Systems Service Pack 2", }, { status: "affected", version: "Windows Server 2008 for x64-based Systems Service Pack 2", }, ], }, { product: "Microsoft .NET Framework 2.0", vendor: "Microsoft", versions: [ { status: "affected", version: "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2", }, { status: "affected", version: "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2", }, ], }, { product: "Microsoft .NET Framework 3.0", vendor: "Microsoft", versions: [ { status: "affected", version: "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2", }, { status: "affected", version: "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2", }, ], }, { product: "Microsoft .NET Framework 3.5", vendor: "Microsoft", versions: [ { status: "affected", version: "Windows 8.1 for 32-bit systems", }, { status: "affected", version: "Windows 8.1 for x64-based systems", }, { status: "affected", version: "Windows Server 2012", }, { status: "affected", version: "Windows Server 2012 (Server Core installation)", }, { status: "affected", version: "Windows Server 2012 R2", }, { status: "affected", version: "Windows Server 2012 R2 (Server Core installation)", }, ], }, { product: "Microsoft .NET Framework 3.5.1", vendor: "Microsoft", versions: [ { status: "affected", version: "Windows 7 for 32-bit Systems Service Pack 1", }, { status: "affected", version: "Windows 7 for x64-based Systems Service Pack 1", }, { status: "affected", version: "Windows Server 2008 R2 for x64-based Systems Service Pack 1", }, ], }, { product: "Microsoft .NET Framework 4.5.2", vendor: "Microsoft", versions: [ { status: "affected", version: "Windows 7 for 32-bit Systems Service Pack 1", }, { status: "affected", version: "Windows 7 for x64-based Systems Service Pack 1", }, { status: "affected", version: "Windows 8.1 for 32-bit systems", }, { status: "affected", version: "Windows 8.1 for x64-based systems", }, { status: "affected", version: "Windows RT 8.1", }, { status: "affected", version: "Windows Server 2008 for 32-bit Systems Service Pack 2", }, { status: "affected", version: "Windows Server 2008 for x64-based Systems Service Pack 2", }, { status: "affected", version: "Windows Server 2008 R2 for x64-based Systems Service Pack 1", }, { status: "affected", version: "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", }, { status: "affected", version: "Windows Server 2012", }, { status: "affected", version: "Windows Server 2012 (Server Core installation)", }, { status: "affected", version: "Windows Server 2012 R2", }, { status: "affected", version: "Windows Server 2012 R2 (Server Core installation)", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for ARM64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for ARM64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for ARM64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2 on Windows 10 for 32-bit Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2 on Windows 10 for x64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for ARM64-based Systems", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, ], descriptions: [ { lang: "en", value: "A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-21T22:53:10", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1108", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@microsoft.com", ID: "CVE-2020-1108", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: ".NET Core", version: { version_data: [ { version_value: "3.1", }, { version_value: "2.1", }, ], }, }, { product_name: "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2019", version: { version_data: [ { version_value: "16.0", }, ], }, }, { product_name: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2019 version 16.5", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: ".NET Core 5.0", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "PowerShell Core", version: { version_data: [ { version_value: "6.2", }, ], }, }, { product_name: "PowerShell 7.0", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2", version: { version_data: [ { version_value: "Windows 7 for 32-bit Systems Service Pack 1", }, { version_value: "Windows 7 for x64-based Systems Service Pack 1", }, { version_value: "Windows 8.1 for 32-bit systems", }, { version_value: "Windows 8.1 for x64-based systems", }, { version_value: "Windows RT 8.1", }, { version_value: "Windows Server 2008 R2 for x64-based Systems Service Pack 1", }, { version_value: "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", }, { version_value: "Windows Server 2012", }, { version_value: "Windows Server 2012 (Server Core installation)", }, { version_value: "Windows Server 2012 R2", }, { version_value: "Windows Server 2012 R2 (Server Core installation)", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for 32-bit Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for x64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows Server, version 1803 (Server Core Installation)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for 32-bit Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows 10 Version 1709 for x64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows Server 2016", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows 8.1 for 32-bit systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows 8.1 for x64-based systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows RT 8.1", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows Server 2012", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows Server 2012 R2", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2019 (Server Core installation)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for 32-bit Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for x64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1909 (Server Core installation)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for 32-bit Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for x64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 1903 (Server Core installation)", version: { version_data: [ { version_value: "1903", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for 32-bit Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for x64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server, version 1803 (Server Core Installation)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows Server 2019 (Server Core installation)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 4.6", version: { version_data: [ { version_value: "Windows Server 2008 for 32-bit Systems Service Pack 2", }, { version_value: "Windows Server 2008 for x64-based Systems Service Pack 2", }, ], }, }, { product_name: "Microsoft .NET Framework 2.0", version: { version_data: [ { version_value: "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2", }, { version_value: "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2", }, ], }, }, { product_name: "Microsoft .NET Framework 3.0", version: { version_data: [ { version_value: "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2", }, { version_value: "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5", version: { version_data: [ { version_value: "Windows 8.1 for 32-bit systems", }, { version_value: "Windows 8.1 for x64-based systems", }, { version_value: "Windows Server 2012", }, { version_value: "Windows Server 2012 (Server Core installation)", }, { version_value: "Windows Server 2012 R2", }, { version_value: "Windows Server 2012 R2 (Server Core installation)", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5.1", version: { version_data: [ { version_value: "Windows 7 for 32-bit Systems Service Pack 1", }, { version_value: "Windows 7 for x64-based Systems Service Pack 1", }, { version_value: "Windows Server 2008 R2 for x64-based Systems Service Pack 1", }, ], }, }, { product_name: "Microsoft .NET Framework 4.5.2", version: { version_data: [ { version_value: "Windows 7 for 32-bit Systems Service Pack 1", }, { version_value: "Windows 7 for x64-based Systems Service Pack 1", }, { version_value: "Windows 8.1 for 32-bit systems", }, { version_value: "Windows 8.1 for x64-based systems", }, { version_value: "Windows RT 8.1", }, { version_value: "Windows Server 2008 for 32-bit Systems Service Pack 2", }, { version_value: "Windows Server 2008 for x64-based Systems Service Pack 2", }, { version_value: "Windows Server 2008 R2 for x64-based Systems Service Pack 1", }, { version_value: "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", }, { version_value: "Windows Server 2012", }, { version_value: "Windows Server 2012 (Server Core installation)", }, { version_value: "Windows Server 2012 R2", }, { version_value: "Windows Server 2012 R2 (Server Core installation)", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for ARM64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1909 for ARM64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2 on Windows 10 Version 1709 for ARM64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2 on Windows 10 for 32-bit Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2 on Windows 10 for x64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1803 for ARM64-based Systems", version: { version_data: [ { version_value: "", }, ], }, }, ], }, vendor_name: "Microsoft", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1108", refsource: "MISC", url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1108", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2020-1108", datePublished: "2020-05-21T22:53:10", dateReserved: "2019-11-04T00:00:00", dateUpdated: "2024-08-04T06:25:01.017Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-1161
Vulnerability from cvelistv5
Published
2020-05-21 22:53
Modified
2024-08-04 06:25
Severity ?
EPSS score ?
Summary
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1161 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8) |
Version: unspecified |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:25:01.313Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1161", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2019", vendor: "Microsoft", versions: [ { status: "affected", version: "16.0", }, ], }, { product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2019 version 16.5", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "ASP.NET Core", vendor: "Microsoft", versions: [ { status: "affected", version: "3.1", }, ], }, ], descriptions: [ { lang: "en", value: "A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-21T22:53:28", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1161", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@microsoft.com", ID: "CVE-2020-1161", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2019", version: { version_data: [ { version_value: "16.0", }, ], }, }, { product_name: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2019 version 16.5", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "ASP.NET Core", version: { version_data: [ { version_value: "3.1", }, ], }, }, ], }, vendor_name: "Microsoft", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1161", refsource: "MISC", url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1161", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2020-1161", datePublished: "2020-05-21T22:53:28", dateReserved: "2019-11-04T00:00:00", dateUpdated: "2024-08-04T06:25:01.313Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }