CVE-2023-33170

🗓️ 11 Jul 2023 17:03:13Reported by microsoftType

ASP.NET & Visual Studio Security Bypass Vulnerabilit

Reporter	Title	Published	Views	Family All 163
ATTACKERKB	CVE-2023-33170	11 Jul 202318:15	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : aspnetcore-runtime-6.0, aspnetcore-targeting-pack-6.0, dotnet (ALAS2023-2023-302)	24 Aug 202300:00	–	nessus
Tenable Nessus	AlmaLinux 9 : .NET 7.0 (ALSA-2023:4057)	14 Jul 202300:00	–	nessus
Tenable Nessus	AlmaLinux 8 : .NET 7.0 (ALSA-2023:4058)	14 Jul 202300:00	–	nessus
Tenable Nessus	AlmaLinux 8 : .NET 6.0 (ALSA-2023:4059)	14 Jul 202300:00	–	nessus
Tenable Nessus	AlmaLinux 9 : .NET 6.0 (ALSA-2023:4060)	13 Jul 202300:00	–	nessus
Tenable Nessus	Fedora 37 : dotnet7.0 (2023-18264c31f6)	22 Jul 202300:00	–	nessus
Tenable Nessus	Fedora 37 : dotnet6.0 (2023-4a48637c3f)	22 Jul 202300:00	–	nessus
Tenable Nessus	Fedora 38 : dotnet7.0 (2023-d25e798d6c)	22 Jul 202300:00	–	nessus
Tenable Nessus	Fedora 38 : dotnet6.0 (2023-feda45bc39)	22 Jul 202300:00	–	nessus

NVD

Vulners

CNA

Node

microsoft .netRange6.0.0–6.0.20

microsoft .netRange7.0.0–7.0.9

microsoft visual_studio_2022Range17.0–17.0.23

microsoft visual_studio_2022Range17.2.0–17.2.17

microsoft visual_studio_2022Range17.4.0–17.4.9

microsoft visual_studio_2022Range17.6.0–17.6.5

Node

fedoraproject fedoraMatch37

fedoraproject fedoraMatch38

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.2",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.2.0",
        "lessThan": "17.2.17",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.0",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.0.0",
        "lessThan": "17.0.23",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.4",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.4.0",
        "lessThan": "17.4.9",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.6",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.6.0",
        "lessThan": "17.6.5",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": ".NET 6.0",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "6.0.0",
        "lessThan": "6.0.20",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": ".NET 7.0",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "7.0.0",
        "lessThan": "7.0.9",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO/

01 Jan 2025 02:15Current

8High risk

Vulners AI Score8

CVSS 3.18.1

EPSS0.0024

SSVC

CWE-362