CVE-2020-1147
- Source
- https://cve.org/CVERecord?id=CVE-2020-1147
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-1147.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-1147
- Aliases
- Downstream
- Published
- 2020-07-14T23:15:12.057Z
- Modified
- 2026-03-15T14:36:37.498213Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
- References
-
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1147
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1147
- http://packetstormsecurity.com/files/158694/SharePoint-DataSet-DataTable-Deserialization.html
- http://packetstormsecurity.com/files/158876/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/163644/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html
- https://www.exploitalert.com/view-details.html?id=35992
Affected packages
Git / github.com/dotnet/core
Affected ranges
- Type
- GIT
- Repo
- https://github.com/dotnet/core
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "2.1" }, { "introduced": "0" }, { "last_affected": "3.1" }, { "introduced": "0" }, { "last_affected": "3.0-sp2" } ] }
Affected versions
v1.*
v1.0.0
v1.0.0-rc1
v1.0.0-rc2
v1.0.1
v1.0.10
v1.0.11
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.7
v1.0.8
v1.0.9
v1.1
v1.1.0
v1.1.0-preview1
v1.1.1
v1.1.2
v1.1.4
v1.1.5
v1.1.6
v1.1.7
v1.1.8
v2.*
v2.0.0
v2.0.0-preview1
v2.0.0-preview2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.0.7-2
v2.1-preview1
v2.1-preview2
v2.1-rc1
v2.1.0
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.0-sp2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.6.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.7.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.7.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.6.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.6.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.6.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.6.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.7.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.7.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.7.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.5.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.5.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.6.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.6.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.7.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.7.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2013-sp1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2016"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2010-sp2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2019"
}
]
},
{
"events": [
{
"introduced": "15.0"
},
{
"last_affected": "15.9"
}
]
},
{
"events": [
{
"introduced": "16.0"
},
{
"last_affected": "16.6"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-1147.json"