CVE-2020-1045: Microsoft ASP.NET Core Security Feature Bypass Vulnerability

Overview

Severity

High (CVSS 7.5)

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C

Category

Security Feature Bypass

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2020-Sep

Released

2020-09-08

EPSS Score

20.40% (percentile: 95.5%)

Description

A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded. The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.

Affected Products (2)

Other

• 11564
• 11728

Security Updates (2)

• Release Notes
• Release Notes

Acknowledgments

Matt Langlois of Github Security Team

Revision History

• 2020-09-08: Information published.