ID de Prueba:	1.3.6.1.4.1.25623.1.0.817387
Categoría:	Windows
Título:	.NET Core Security Feature Bypass Vulnerability (Sep 2020)
Resumen:	ASP.NET Core is prone to a security feature bypass vulnerability.
Descripción:	Summary: ASP.NET Core is prone to a security feature bypass vulnerability. Vulnerability Insight: The flaw exists due to an error in the way Microsoft ASP.NET Core parses encoded cookie names. Vulnerability Impact: Successful exploitation will allow an attacker to bypass security restrictions. Affected Software/OS: ASP.NET Core version 2.1 and 3.1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-1045 FEDORA-2020-48fa1ad65c https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/ FEDORA-2020-e2deb72e0f https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/ https://access.redhat.com/errata/RHSA-2020:3699 https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.8/3.1.8.md#changes-in-318 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045 https://security.snyk.io/vuln/SNYK-RHEL8-DOTNET-1439600
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.