CVE-2020-0603

CVE Database · CVE-2020-0603

CVE-2020-0603

· HIGHModified

CVSS v3.1

8.8

EPSS

19.98%

Published

Jan 14, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-787

Affected Products (5)

microsoft · asp.net_corevulnerable

redhat · enterprise_linuxvulnerable

redhat · enterprise_linux_eusvulnerable

References (6)

https://access.redhat.com/errata/RHSA-2020:0130

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0134