We found results for “”
CVE-2020-1147
Good to know:
Date: July 14, 2020
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
Language: C#
Severity Score
Related Resources (8)
Severity Score
Weakness Type (CWE)
Insufficient Information
NVD-CWE-noinfoTop Fix
Upgrade Version
Upgrade to version microsoft.aspnetcore.all - 2.1.20;microsoft.netcore.app - 2.1.20;microsoft.aspnetcore.app - 2.1.20
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | NETWORK |
Access Complexity (AC): | MEDIUM |
Authentication (AU): | NONE |
Confidentiality (C): | PARTIAL |
Integrity (I): | PARTIAL |
Availability (A): | PARTIAL |
Additional information: |