CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
80.1%
Microsoft patterns & practices Enterprise Library is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due a regex string with inefficient complexity located in Blocks/Common/Src/Configuration/Manageability/Adm/AdmContentBuilder.cs
, which allows an attacker to input a string composed of many \ (backslash) characters followed by a " (double quote), resulting in Denial of Service by consuming excessive CPU cycles.