ASP.NET Core - Security Feature Bypass Vulnerability
CVE-2023-36558

5.5MEDIUM

Key Information:

Vendor
Microsoft
Status
.net 6.0
Asp.net Core 6.0
.net 7.0
Microsoft Visual Studio 2022 Version 17.2
Vendor
CVE Published:
14 November 2023

Badges

πŸ“° News Worthy

Summary

ASP.NET Core Security Feature Bypass Vulnerability

Affected Version(s)

.NET 6.0 Unknown 6.0.0 < 6.0.25

.NET 7.0 Unknown 7.0.0 < 7.0.14

.NET 8.0 Unknown 1.0.0 < 8.0.0

News Articles

favicon imageVeeam Community Resource Hub

Veeam VBR 12.1 CVE-2023-36558 and CVE-2023-36049 Vulnerabilities | Veeam Community Resource Hub

Today, I noticed there are two fresh vulnerabilities on the VBR12.1 Manager and console servers. Certain .net core requirements are installed when the p...

10 months ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ“°

    First article discovered by Veeam Community Resource Hub

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed1 News Article(s)
.