CVE-2019-0981

Description

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980.

Related CPE's

amicrosoft.net_core1.0*******

amicrosoft.net_core1.1*******

amicrosoft.net_core2.1*******

amicrosoft.net_core2.2*******

amicrosoft.net_framework2.0sp2******

amicrosoft.net_framework3.0sp2******

omicrosoftwindows_server_2008-sp2******

amicrosoft.net_framework3.5*******

omicrosoftwindows_server_2012r2*******

omicrosoftwindows_101607*******

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0981

PatchVendor Advisory

RHSA-2019:1259

CvssV3 impact

BaseSeverity

HIGH

ConfidentialityImpact

NONE

AttackComplexity

LOW

Scope

UNCHANGED

AttackVector

NETWORK

AvailabilityImpact

HIGH

IntegrityImpact

NONE

PrivilegesRequired

NONE

BaseScore

7.5

VectorString

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Version

3.0

UserInteraction

NONE

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:L/Au:N/C:N/I:N/A:P

AccessVector

NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

NONE

AvailabilityImpact

PARTIAL

BaseScore

5

Created by Yello
About Severity.io