{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2020-1045", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "dateUpdated": "2023-12-31T21:34:37.415Z", "dateReserved": "2019-11-04T00:00:00", "datePublished": "2020-09-11T00:00:00"}, "containers": {"cna": {"title": "Microsoft ASP.NET Core Security Feature Bypass Vulnerability", "datePublic": "2020-09-08T07:00:00+00:00", "affected": [{"vendor": "Microsoft", "product": "ASP.NET Core 2.1", "cpes": ["cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*"], "platforms": ["Unknown"], "versions": [{"version": "2.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "ASP.NET Core 3.1", "cpes": ["cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*"], "platforms": ["Unknown"], "versions": [{"version": "3.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p>\n<p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p>\n<p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p>\n", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "Security Feature Bypass", "lang": "en-US", "type": "Impact"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2023-12-31T21:34:37.415Z"}, "references": [{"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045"}, {"name": "FEDORA-2020-e2deb72e0f", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/"}, {"name": "FEDORA-2020-48fa1ad65c", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/"}, {"url": "https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.8/3.1.8.md#changes-in-318"}, {"url": "https://security.snyk.io/vuln/SNYK-RHEL8-DOTNET-1439600"}, {"url": "https://access.redhat.com/errata/RHSA-2020:3699"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C"}}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6237BE3-2B52-4E81-BEB4-AC370C79CD6F", "versionEndIncluding": "2.1.21", "versionStartIncluding": "2.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*", "matchCriteriaId": "30C25D29-DA72-404C-934E-7CCA3CCB8793", "versionEndExcluding": "3.1.8", "versionStartIncluding": "3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "7883DE07-470D-4160-9767-4F831B75B9A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "4D5F4FA7-E5C5-4C23-BDA8-36A36972E4F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "5CA4F12A-5BC5-4D75-8F20-80D8BB2C5BF2", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "831F0F47-3565-4763-B16F-C87B1FF2035E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "0E3F09B5-569F-4C58-9FCA-3C0953D107B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "9C24797C-0397-4D4F-ADC3-3B99095DBB35", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "BF14A415-15BD-4A6C-87CF-675E09390474", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "C237415F-33FE-4686-9B19-A0916BF75D2D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p>\n<p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p>\n<p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p>\n"}, {"lang": "es", "value": "Se presenta una vulnerabilidad de omisi\u00f3n de la caracter\u00edstica de seguridad en la manera en que Microsoft ASP.NET Core analiza los nombres de cookies codificados. El analizador de cookies de ASP.NET Core decodifica cadenas de cookies completas que podr\u00edan permitir a un atacante malicioso establecer una segunda cookie con el nombre codificado en porcentaje. La actualizaci\u00f3n de seguridad aborda la vulnerabilidad al corregir la manera en que el analizador de cookies ASP.NET Core maneja los nombres codificados, tambi\u00e9n se conoce como \"Microsoft ASP.NET Core Security Feature Bypass Vulnerability\""}], "id": "CVE-2020-1045", "lastModified": "2023-12-31T22:15:55.070", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "secure@microsoft.com", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Secondary"}]}, "published": "2020-09-11T17:15:18.307", "references": [{"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2020:3699"}, {"source": "secure@microsoft.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.8/3.1.8.md#changes-in-318"}, {"source": "secure@microsoft.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/"}, {"source": "secure@microsoft.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "https://security.snyk.io/vuln/SNYK-RHEL8-DOTNET-1439600"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}