CVE-2017-11770

Summary

.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly parsing certificate data. A denial of service vulnerability exists when .NET Core improperly handles parsing certificate data, aka ".NET CORE Denial Of Service Vulnerability".

Affected Software

VendorProductVersion RangeStatus
Microsoft Corporation.NET Core.NET Core 1.0, .NET Core 1.1, and .NET Core 2.0affected

Weaknesses

  • Denial of Service

ADP Enrichment

CVE Program Container

Additional References

References