QwikSec

Security Database

CVE

CWE

Training

CVE-2017-11770

Published: Nov 15, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly parsing certificate data. A denial of service vulnerability exists when .NET Core improperly handles parsing certificate data, aka ".NET CORE Denial Of Service Vulnerability".

Vendor	Product	Versions
Microsoft Corporation	.NET Core	affected `.NET Core 1.0, .NET Core 1.1, and .NET Core 2.0`

References

vdb-entry

x_refsource_SECTRACK

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11770

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.