CVE-2019-0548
Published Jan 8, 2019
Last updated 6 years ago
Overview
- Description
- A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.2, ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0564.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-19
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19C3047E-C222-4636-B1B3-722F2C65BC99"
},
{
"criteria": "cpe:2.3:a:microsoft:asp.net_core:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90F640B8-C1C6-4C88-B7F4-28DB05BB1F18"
}
],
"operator": "OR"
}
]
}
]