Security Updates for Microsoft .NET Framework (January 2019)
Medium Nessus Plugin ID 121021
The Microsoft .NET Framework installation on the remote host is missing a security update.
The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability : - An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross- origin Resource Sharing (CORS) configurations. An attacker who successfully exploited the vulnerability could retrieve content, that is normally restricted, from a web application. The security update addresses the vulnerability by enforcing CORS configuration to prevent its bypass. (CVE-2019-0545)
Microsoft has released security updates for Microsoft .NET Framework.