Red Hat Enterprise Linux 8 update for .NET Core

Published: 2020-07-16

Risk	High
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2020-1147
CWE-ID	CWE-91
Exploitation vector	Network
Public exploit	Vulnerability #1 is being exploited in the wild.
Vulnerable software	Red Hat Enterprise Linux Server - TUS Operating systems & Components / Operating system Red Hat Enterprise Linux for x86_64 Operating systems & Components / Operating system dotnet (Red Hat package) Operating systems & Components / Operating system package or component
Vendor	Red Hat Inc.

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) XML injection

EUVDB-ID: #VU29836

Risk: High

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2020-1147

CWE-ID: CWE-91 - XML Injection

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when processing XML data in .NET Framework, Microsoft SharePoint, and Visual Studio. A remote unauthenticated attacker can pass specially crafted XML data to the application and execute arbitrary code on the system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux Server - TUS: 8.2

dotnet (Red Hat package): 2.1.514-2.el8_2

Red Hat Enterprise Linux for x86_64: 8.0

CPE2.3

External links

https://access.redhat.com/errata/RHSA-2020:2938

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.