CVE-2019-0545 is a vulnerability in Microsoft .NET Core
Published on January 8, 2019
An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7/4.7.1/4.7.2, .NET Core 2.1, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 2.2, Microsoft .NET Framework 4.7.2.
Products Associated with CVE-2019-0545
Want to know whenever a new CVE is published for Microsoft .NET Core? stack.watch will email you.
Affected Versions
Microsoft .NET Core:- Version 2.1 is affected.
- Version 2.2 is affected.
- Version 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 is affected.
- Version 2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 is affected.
- Version 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 is affected.
- Version 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 is affected.
- Version 3.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 is affected.
- Version 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 is affected.
- Version 3.5 on Windows 10 for 32-bit Systems is affected.
- Version 3.5 on Windows 10 for x64-based Systems is affected.
- Version 3.5 on Windows 10 Version 1607 for 32-bit Systems is affected.
- Version 3.5 on Windows 10 Version 1607 for x64-based Systems is affected.
- Version 3.5 on Windows 10 Version 1703 for 32-bit Systems is affected.
- Version 3.5 on Windows 10 Version 1703 for x64-based Systems is affected.
- Version 3.5 on Windows 10 Version 1709 for 32-bit Systems is affected.
- Version 3.5 on Windows 10 Version 1709 for ARM64-based Systems is affected.
- Version 3.5 on Windows 10 Version 1709 for x64-based Systems is affected.
- Version 3.5 on Windows 10 Version 1803 for 32-bit Systems is affected.
- Version 3.5 on Windows 10 Version 1803 for ARM64-based Systems is affected.
- Version 3.5 on Windows 10 Version 1803 for x64-based Systems is affected.
- Version 3.5 on Windows 10 Version 1809 for 32-bit Systems is affected.
- Version 3.5 on Windows 10 Version 1809 for x64-based Systems is affected.
- Version 3.5 on Windows 8.1 for 32-bit systems is affected.
- Version 3.5 on Windows 8.1 for x64-based systems is affected.
- Version 3.5 on Windows Server 2012 is affected.
- Version 3.5 on Windows Server 2012 (Server Core installation) is affected.
- Version 3.5 on Windows Server 2012 R2 is affected.
- Version 3.5 on Windows Server 2012 R2 (Server Core installation) is affected.
- Version 3.5 on Windows Server 2016 is affected.
- Version 3.5 on Windows Server 2016 (Server Core installation) is affected.
- Version 3.5 on Windows Server 2019 is affected.
- Version 3.5 on Windows Server 2019 (Server Core installation) is affected.
- Version 3.5 on Windows Server, version 1709 (Server Core Installation) is affected.
- Version 3.5 on Windows Server, version 1803 (Server Core Installation) is affected.
- Version 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 is affected.
- Version 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 is affected.
- Version 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 is affected.
- Version 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 is affected.
- Version 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) is affected.
- Version 4.5.2 on Windows 7 for 32-bit Systems Service Pack 1 is affected.
- Version 4.5.2 on Windows 7 for x64-based Systems Service Pack 1 is affected.
- Version 4.5.2 on Windows 8.1 for 32-bit systems is affected.
- Version 4.5.2 on Windows 8.1 for x64-based systems is affected.
- Version 4.5.2 on Windows RT 8.1 is affected.
- Version 4.5.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 is affected.
- Version 4.5.2 on Windows Server 2008 for x64-based Systems Service Pack 2 is affected.
- Version 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 is affected.
- Version 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) is affected.
- Version 4.5.2 on Windows Server 2012 is affected.
- Version 4.5.2 on Windows Server 2012 (Server Core installation) is affected.
- Version 4.5.2 on Windows Server 2012 R2 is affected.
- Version 4.5.2 on Windows Server 2012 R2 (Server Core installation) is affected.
- Version 4.6 on Windows Server 2008 for 32-bit Systems Service Pack 2 is affected.
- Version 4.6 on Windows Server 2008 for x64-based Systems Service Pack 2 is affected.
- Version 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems is affected.
- Version 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems is affected.
- Version 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 is affected.
- Version 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) is affected.
- Version 4.6/4.6.1/4.6.2 on Windows 10 for 32-bit Systems is affected.
- Version 4.6/4.6.1/4.6.2 on Windows 10 for x64-based Systems is affected.
- Version 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for 32-bit Systems Service Pack 1 is affected.
- Version 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for x64-based Systems Service Pack 1 is affected.
- Version 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for 32-bit systems is affected.
- Version 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for x64-based systems is affected.
- Version 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows RT 8.1 is affected.
- Version 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 is affected.
- Version 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) is affected.
- Version 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 is affected.
- Version 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) is affected.
- Version 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 is affected.
- Version 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) is affected.
- Version 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systems is affected.
- Version 4.7.1/4.7.2 on Windows 10 Version 1709 for ARM64-based Systems is affected.
- Version 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systems is affected.
- Version 4.7.1/4.7.2 on Windows Server, version 1709 (Server Core Installation) is affected.
- Version 4.7.2 on Windows 10 Version 1803 for 32-bit Systems is affected.
- Version 4.7.2 on Windows 10 Version 1803 for ARM64-based Systems is affected.
- Version 4.7.2 on Windows 10 Version 1803 for x64-based Systems is affected.
- Version 4.7.2 on Windows 10 Version 1809 for 32-bit Systems is affected.
- Version 4.7.2 on Windows 10 Version 1809 for x64-based Systems is affected.
- Version 4.7.2 on Windows Server 2019 is affected.
- Version 4.7.2 on Windows Server 2019 (Server Core installation) is affected.
- Version 4.7.2 on Windows Server, version 1803 (Server Core Installation) is affected.
- Version 4.7/4.7.1/4.7.2 on Windows 10 Version 1703 for 32-bit Systems is affected.
- Version 4.7/4.7.1/4.7.2 on Windows 10 Version 1703 for x64-based Systems is affected.
Exploit Probability
EPSS
9.65%
Percentile
92.80%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.