CVE-2023-36042 — Vulnetix

CVE-2023-36042 PUBLISHED

In Microsoft .NET Framework, Microsoft ASP.NET, Microsoft Visual Studio und Microsoft Visual Studio Code existieren mehrere, nicht im Detail beschriebene Schwachstellen. Ein Angreifer kann dies ausnutzen, um Sicherheitsmechanismen zu umgehen, um seine Privilegien zu erhöhen und um einen Denial of Service Zustand herbeizuführen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich.

EPSS 0.10% · 28.0th percentile

Risk Scores

EPSS Score

0.10%

28.0th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Microsoft	Microsoft .NET Framework 4.7
Microsoft	Microsoft ASP.NET Core 8.0
Microsoft	Microsoft Visual Studio 2022 version 17.6
Microsoft	Microsoft .NET Framework 2.0 SP2
Microsoft	Microsoft Visual Studio 2022 version 17.7
Microsoft	Microsoft .NET Framework 3.0 SP2
Red Hat	Red Hat Enterprise Linux
Microsoft	Microsoft .NET Framework 4.8.1
Microsoft	Microsoft ASP.NET Core 7.0
Microsoft	Microsoft .NET Framework 4.7.2
Oracle	Oracle Linux
Microsoft	Microsoft Visual Studio 2022 version 17.4
Microsoft	Microsoft .NET Framework 4.6
Microsoft	Microsoft Visual Studio Code Jupyter Extension for Visual Studio Code
Microsoft	Microsoft .NET Framework 4.6.2
Microsoft	Microsoft .NET Framework 4.8
Microsoft	Microsoft ASP.NET Core 6.0
Microsoft	Microsoft .NET Framework 4.7.1
Ubuntu	Ubuntu Linux

…and 3 more

Exploit Intelligence

https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)

Timeline

Nov 14, 2023 CVE Published
Nov 15, 2023 EPSS Score
Dec 15, 2023 EPSS Score
Jan 14, 2024 EPSS Score
Feb 14, 2024 EPSS Score
Mar 15, 2024 EPSS Score
Apr 14, 2024 EPSS Score
May 14, 2024 EPSS Score
Jun 14, 2024 EPSS Score
Jul 14, 2024 EPSS Score
Aug 13, 2024 EPSS Score
Sep 12, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2895.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2895 advisory
https://linux.oracle.com/errata/ELSA-2023-7255.html advisory
https://linux.oracle.com/errata/ELSA-2023-7257.html advisory
https://linux.oracle.com/errata/ELSA-2023-7253.html advisory
https://linux.oracle.com/errata/ELSA-2023-7258.html advisory
https://linux.oracle.com/errata/ELSA-2023-7256.html advisory
https://access.redhat.com/errata/RHSA-2023:7254 advisory
https://access.redhat.com/errata/RHSA-2023:7255 advisory
https://access.redhat.com/errata/RHSA-2023:7256 advisory
https://access.redhat.com/errata/RHSA-2023:7257 advisory
https://ubuntu.com/security/notices/USN-6480-1 advisory
https://access.redhat.com/errata/RHSA-2023:7258 advisory
https://access.redhat.com/errata/RHSA-2023:7259 advisory
https://access.redhat.com/errata/RHSA-2023:7253 advisory
https://msrc.microsoft.com/update-guide advisory

Open in Interactive Console →