Lucene search

K
cvelistMicrosoftCVELIST:CVE-2019-1302
HistorySep 11, 2019 - 9:25 p.m.

CVE-2019-1302

2019-09-1121:25:01
microsoft
www.cve.org

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.8%

An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka ‘ASP.NET Core Elevation Of Privilege Vulnerability’.

CNA Affected

[
  {
    "product": "ASP.NET Core",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2.1"
      },
      {
        "status": "affected",
        "version": "2.2"
      },
      {
        "status": "affected",
        "version": "3.0"
      }
    ]
  }
]

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.8%