Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
MicrosoftSystem.net.security

3 matches found

CVE
CVEadded 2017/05/12 2:0 p.m.101 views

CVE-2017-0256

CVE-2017-0256 describes a spoofing vulnerability in ASP.NET Core due to improper sanitization/validation of web requests. Affected: Microsoft ASP.NET Core (and IBM Bluemix deployments of ASP.NET Core). Underlying issue: input not properly filtered, enabling spoofing scenarios. Impact per sources ...

5.3CVSS5.4AI score0.04349EPSS
CVE
CVEadded 2017/05/12 2:0 p.m.94 views

CVE-2017-0249

CVE-2017-0249 affects Microsoft ASP.NET Core. A vulnerability in which ASP.NET Core fails to properly sanitize web requests could allow elevation of privileges. Reported CVSS v3 base score 7.3 (HIGH) with NETWORK attack vector, LOW confidentiality/integrity/availability impact. Connected IBM bull...

7.5CVSS7.2AI score0.05786EPSS
CVE
CVEadded 2017/05/12 2:0 p.m.93 views

CVE-2017-0247

The CVE affects Microsoft ASP.NET Core: a DoS vulnerability caused by improper validation of web requests in the TextEncoder.EncodeCore function. It applies to ASP.NET Core Mvc before 1.0.4 and 1.1.x before 1.1.3, where remote attackers could trigger DoS by exploiting incorrect calculation of the...

7.5CVSS7.2AI score0.11122EPSS