Risk Scores
CVSS v3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
EPSS Score
70.04%
98.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft .NET Framework 2.0 Service Pack 2 | 2.0.0 |
| Microsoft | Microsoft .NET Framework 3.5 and 4.6.2 | 4.7.0 |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.8 | 4.8.0 |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.7.2 | 4.7.0 |
| microsoft | .net | 4.7.0, 4.8.0, 4.8.0 |
| microsoft | .net_framework | 4.7.2, 3.0.0.0, 4.8 |
| Microsoft | Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 | 4.7.0 |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 | 3.0.0.0 |
| Microsoft | Microsoft .NET Framework 4.8 | 4.8.0 |
| Microsoft | Microsoft .NET Framework 4.6.2 | 4.7.0 |
| Microsoft | Microsoft .NET Framework 3.5 AND 4.8.1 | 4.8.1 |
Timeline
- Aug 8, 2023 CVE Published
- Aug 9, 2023 EPSS Score
- Mar 17, 2025 EPSS Score
- Apr 15, 2025 EPSS Score
- May 1, 2025 EPSS Score
- May 4, 2025 EPSS Score
- May 21, 2025 EPSS Score
- Jun 1, 2025 EPSS Score
- Jun 4, 2025 EPSS Score
- Jul 1, 2025 EPSS Score
- Jul 4, 2025 EPSS Score
- Aug 1, 2025 EPSS Score
References
- ASP.NET Elevation of Privilege Vulnerability vendor-advisory
- https://msrc.microsoft.com/update-guide/ advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-36899 advisory