CVE-2020-1045: A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire…

high7.5CVSS 3.1

AVNACLPRNUINSUCNIHAN

A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded. The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.

Affected

28 ranges· showing 25

Vendor	Product	Version range	Fixed in
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
microsoft	asp.net_core	2.1 – 2.1.21	—
microsoft	asp.net_core	>= 3.1 < 3.1.8	3.1.8
microsoft	asp.net_core_2.1	>= 2.0 < publication	publication
microsoft	asp.net_core_3.1	>= 3.0 < publication	publication
microsoft	microsoft.aspnetcore.app.runtime.linux-arm	>= 3.1.0 < 3.1.8	3.1.8
microsoft	microsoft.aspnetcore.app.runtime.linux-arm64	>= 3.1.0 < 3.1.8	3.1.8
microsoft	microsoft.aspnetcore.app.runtime.linux-musl-arm64	>= 3.1.0 < 3.1.8	3.1.8
microsoft	microsoft.aspnetcore.app.runtime.linux-musl-x64	>= 3.1.0 < 3.1.8	3.1.8
microsoft	microsoft.aspnetcore.app.runtime.linux-x64	>= 3.1.0 < 3.1.8	3.1.8
microsoft	microsoft.aspnetcore.app.runtime.osx-x64	>= 3.1.0 < 3.1.8	3.1.8
microsoft	microsoft.aspnetcore.app.runtime.win-arm	>= 3.1.0 < 3.1.8	3.1.8
microsoft	microsoft.aspnetcore.app.runtime.win-arm64	>= 3.1.5 < 3.1.8	3.1.8
microsoft	microsoft.aspnetcore.app.runtime.win-x64	>= 3.1.0 < 3.1.8	3.1.8
microsoft	microsoft.aspnetcore.app.runtime.win-x86	>= 3.1.0 < 3.1.8	3.1.8
msrc	asp.net_core_2.1	—	—
msrc	asp.net_core_3.1	—	—
redhat	enterprise_linux	—	—
redhat	enterprise_linux_aus	—	—
redhat	enterprise_linux_aus	—	—
redhat	enterprise_linux_aus	—	—
redhat	enterprise_linux_eus	—	—
redhat	enterprise_linux_eus	—	—
redhat	enterprise_linux_eus	—	—