CVE-2018-8409 - A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "

CVE-2018-8409

Summary

A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.

References

Vulnerable Configurations

cpe:2.3:a:microsoft:.net_core:2.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_core:2.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:system.io.pipelines:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:system.io.pipelines:-:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	105223
confirm	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8409

Last major update

24-08-2020 - 17:37

Published

13-09-2018 - 00:29

Last modified

24-08-2020 - 17:37