Vulnerability Details CVE-2019-0545
An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7/4.7.1/4.7.2, .NET Core 2.1, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 2.2, Microsoft .NET Framework 4.7.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.06
EPSS Ranking 90.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/106405
- https://access.redhat.com/errata/RHSA-2019:0040
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0545
- http://www.securityfocus.com/bid/106405
- https://access.redhat.com/errata/RHSA-2019:0040
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0545
Products affected by CVE-2019-0545
-
cpe:2.3:a:microsoft:.net_core:2.1
-
cpe:2.3:a:microsoft:.net_core:2.2
-
cpe:2.3:a:microsoft:.net_framework:2.0
-
cpe:2.3:a:microsoft:.net_framework:3.0
-
cpe:2.3:a:microsoft:.net_framework:3.5
-
cpe:2.3:a:microsoft:.net_framework:3.5.1
-
cpe:2.3:a:microsoft:.net_framework:4.5.2
-
cpe:2.3:a:microsoft:.net_framework:4.6
-
cpe:2.3:a:microsoft:.net_framework:4.6.1
-
cpe:2.3:a:microsoft:.net_framework:4.6.2
-
cpe:2.3:a:microsoft:.net_framework:4.7
-
cpe:2.3:a:microsoft:.net_framework:4.7.1
-
cpe:2.3:a:microsoft:.net_framework:4.7.2
-
cpe:2.3:o:microsoft:windows_10:-
-
cpe:2.3:o:microsoft:windows_10:1607
-
cpe:2.3:o:microsoft:windows_10:1703
-
cpe:2.3:o:microsoft:windows_10:1709
-
cpe:2.3:o:microsoft:windows_10:1803
-
cpe:2.3:o:microsoft:windows_10:1809
-
cpe:2.3:o:microsoft:windows_7:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20520
-
cpe:2.3:o:microsoft:windows_rt_8.1:-
-
cpe:2.3:o:microsoft:windows_server:1709
-
cpe:2.3:o:microsoft:windows_server:1803
-
cpe:2.3:o:microsoft:windows_server_2008:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24116
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24768
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24919
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24975
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25031
-
cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25073
-
cpe:2.3:o:microsoft:windows_server_2012:r2
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4467
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4530
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4583
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4886
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4946
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5066
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5125
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5192
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5246
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5291
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5356
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5427
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5501
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5582
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5648
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5717
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5850
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6351
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6452
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6614
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6796
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6897
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6981
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7070
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7159
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7259
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7336
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7428
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7515
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7606
-
cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7876
-
cpe:2.3:o:microsoft:windows_server_2016:1709
-
cpe:2.3:o:microsoft:windows_server_2016:1803
-
cpe:2.3:o:microsoft:windows_server_2016:1903
-
cpe:2.3:o:microsoft:windows_server_2016:1909
-
cpe:2.3:o:microsoft:windows_server_2016:2004
-
cpe:2.3:o:microsoft:windows_server_2016:20h2
-
cpe:2.3:o:microsoft:windows_server_2019:-