CVE-2023-36560 — Vulnetix

CVE-2023-36560 PUBLISHED

In Microsoft .NET Framework, Microsoft ASP.NET, Microsoft Visual Studio und Microsoft Visual Studio Code existieren mehrere, nicht im Detail beschriebene Schwachstellen. Ein Angreifer kann dies ausnutzen, um Sicherheitsmechanismen zu umgehen, um seine Privilegien zu erhöhen und um einen Denial of Service Zustand herbeizuführen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Authentisierung erforderlich.

EPSS 4.17% · 88.9th percentile

Risk Scores

EPSS Score

4.17%

88.9th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft .NET Framework 3.5.1
Microsoft	Microsoft .NET Framework 4.6
Microsoft	Microsoft Visual Studio 2022 version 17.4
Microsoft	Microsoft .NET Framework 2.0 SP2
Microsoft	Microsoft .NET Framework 4.7
Microsoft	Microsoft .NET Framework 4.8
Microsoft	Microsoft .NET Framework 4.6.2
Microsoft	Microsoft .NET Framework 3.5
Microsoft	Microsoft .NET Framework 3.0 SP2
Microsoft	Microsoft Visual Studio Code Jupyter Extension for Visual Studio Code
Microsoft	Microsoft .NET Framework 4.8.1
Microsoft	Microsoft .NET Framework 4.7.1
Microsoft	Microsoft Visual Studio 2022 version 17.2
Microsoft	Microsoft Visual Studio 2022 version 17.7
Microsoft	Microsoft ASP.NET Core 6.0
Microsoft	Microsoft Visual Studio 2022 version 17.6
Red Hat	Red Hat Enterprise Linux
Ubuntu	Ubuntu Linux
Microsoft	Microsoft ASP.NET Core 8.0
Microsoft	Microsoft ASP.NET Core 7.0

…and 3 more

Timeline

Nov 14, 2023 CVE Published
Nov 15, 2023 EPSS Score
Nov 17, 2023 CVE Updated
Mar 17, 2025 EPSS Score
Mar 19, 2025 EPSS Score
Mar 20, 2025 EPSS Score
Mar 28, 2025 EPSS Score
Mar 29, 2025 EPSS Score
Mar 30, 2025 EPSS Score
Apr 15, 2025 EPSS Score
May 1, 2025 EPSS Score
May 4, 2025 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2895.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2895 advisory
https://linux.oracle.com/errata/ELSA-2023-7255.html advisory
https://linux.oracle.com/errata/ELSA-2023-7257.html advisory
https://linux.oracle.com/errata/ELSA-2023-7253.html advisory
https://linux.oracle.com/errata/ELSA-2023-7258.html advisory
https://linux.oracle.com/errata/ELSA-2023-7256.html advisory
https://access.redhat.com/errata/RHSA-2023:7254 advisory
https://access.redhat.com/errata/RHSA-2023:7255 advisory
https://access.redhat.com/errata/RHSA-2023:7256 advisory
https://access.redhat.com/errata/RHSA-2023:7257 advisory
https://ubuntu.com/security/notices/USN-6480-1 advisory
https://access.redhat.com/errata/RHSA-2023:7258 advisory
https://access.redhat.com/errata/RHSA-2023:7259 advisory
https://access.redhat.com/errata/RHSA-2023:7253 advisory
https://msrc.microsoft.com/update-guide advisory

Open in Interactive Console →