EPSS
Percentile
73.0%
A flaw was found in ASP.NET. Certain cookie values are not properly decoded allowing a remote attacker to bypass the “Cookie Prefixes” security mechanism. The highest threat from this vulnerability is to data integrity.
bugzilla.redhat.com/show_bug.cgi?id=1873451
github.com/dotnet/aspnetcore/issues/23578
github.com/dotnet/aspnetcore/pull/24264
nvd.nist.gov/vuln/detail/CVE-2020-1045
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045
www.cve.org/CVERecord?id=CVE-2020-1045