.NET Core Denial of Service Vulnerability through Improper Certificate Data Parsing

.NET Core Denial of Service Vulnerability through Improper Certificate Data Parsing

CVE-2017-11770 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly parsing certificate data. A denial of service vulnerability exists when .NET Core improperly handles parsing certificate data, aka ".NET CORE Denial Of Service Vulnerability".

Learn more about our Web App Pen Testing.