CVE-2023-36018 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-36018 PUBLISHED

In Microsoft .NET Framework, Microsoft ASP.NET, Microsoft Visual Studio und Microsoft Visual Studio Code existieren mehrere, nicht im Detail beschriebene Schwachstellen. Ein Angreifer kann dies ausnutzen, um Sicherheitsmechanismen zu umgehen, um seine Privilegien zu erhöhen und um einen Denial of Service Zustand herbeizuführen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich.

EPSS 1.61% · 81.6th percentile

Risk Scores

EPSS Score

1.61%

81.6th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft .NET Framework 3.5.1
Microsoft	Microsoft Visual Studio 2022 version 17.2
Microsoft	Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Ubuntu	Ubuntu Linux
Microsoft	Microsoft .NET Framework 4.7.2
Microsoft	Microsoft .NET Framework 3.5
Microsoft	Microsoft Visual Studio 2022 version 17.4
Microsoft	Microsoft ASP.NET Core 6.0
Microsoft	Microsoft .NET Framework 4.8
Microsoft	Microsoft .NET Framework 2.0 SP2
Microsoft	Microsoft Visual Studio 2022 version 17.6
Microsoft	Microsoft Visual Studio Code Jupyter Extension for Visual Studio Code
Microsoft	Microsoft .NET Framework 3.0 SP2
Microsoft	Microsoft .NET Framework 4.6
Microsoft	Microsoft ASP.NET Core 7.0
Microsoft	Microsoft .NET Framework 4.7
Microsoft	Microsoft ASP.NET Core 8.0
Microsoft	Microsoft .NET Framework 4.8.1
Microsoft	Microsoft .NET Framework 4.6.2
Microsoft	Microsoft Visual Studio 2022 version 17.7

…and 3 more

Timeline

Nov 14, 2023 CVE Published
Nov 15, 2023 EPSS Score
Dec 15, 2023 EPSS Score
Jan 13, 2024 EPSS Score
Mar 13, 2024 EPSS Score
Apr 11, 2024 EPSS Score
May 11, 2024 EPSS Score
Jun 10, 2024 EPSS Score
Jul 9, 2024 EPSS Score
Sep 7, 2024 EPSS Score
Oct 6, 2024 EPSS Score
Nov 5, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2895.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2895 advisory
https://linux.oracle.com/errata/ELSA-2023-7255.html advisory
https://linux.oracle.com/errata/ELSA-2023-7257.html advisory
https://linux.oracle.com/errata/ELSA-2023-7253.html advisory
https://linux.oracle.com/errata/ELSA-2023-7258.html advisory
https://linux.oracle.com/errata/ELSA-2023-7256.html advisory
https://access.redhat.com/errata/RHSA-2023:7254 advisory
https://access.redhat.com/errata/RHSA-2023:7255 advisory
https://access.redhat.com/errata/RHSA-2023:7256 advisory
https://access.redhat.com/errata/RHSA-2023:7257 advisory
https://ubuntu.com/security/notices/USN-6480-1 advisory
https://access.redhat.com/errata/RHSA-2023:7258 advisory
https://access.redhat.com/errata/RHSA-2023:7259 advisory
https://access.redhat.com/errata/RHSA-2023:7253 advisory
https://msrc.microsoft.com/update-guide advisory

Open in Interactive Console →