Lucene search

K
cve[email protected]CVE-2023-36558
HistoryNov 14, 2023 - 10:15 p.m.

CVE-2023-36558

2023-11-1422:15:29
NVD-CWE-noinfo
web.nvd.nist.gov
120
asp.net
core
security
feature
bypass
vulnerability
cve-2023-36558
nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

16.5%

ASP.NET Core - Security Feature Bypass Vulnerability

VendorProductVersionCPE
microsoft.net_6.0*cpe:2.3:a:microsoft:.net_6.0:*:*:*:*:*:*:*:*
microsoftasp.net_core_6.0*cpe:2.3:a:microsoft:asp.net_core_6.0:*:*:*:*:*:*:*:*
microsoft.net_7.0*cpe:2.3:a:microsoft:.net_7.0:*:*:*:*:*:*:*:*
microsoftmicrosoft_visual_studio_2022_17.2*cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.2:*:*:*:*:*:*:*:*
microsoft.net_8.0*cpe:2.3:a:microsoft:.net_8.0:*:*:*:*:*:*:*:*
microsoftmicrosoft_visual_studio_2022_17.4*cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.4:*:*:*:*:*:*:*:*
microsoftmicrosoft_visual_studio_2022_17.6*cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.6:*:*:*:*:*:*:*:*
microsoftmicrosoft_visual_studio_2022_17.7*cpe:2.3:a:microsoft:microsoft_visual_studio_2022_17.7:*:*:*:*:*:*:*:*
microsoftasp.net_core_7.0*cpe:2.3:a:microsoft:asp.net_core_7.0:*:*:*:*:*:*:*:*
microsoftasp.net_core_8.0*cpe:2.3:a:microsoft:asp.net_core_8.0:*:*:*:*:*:*:*:*

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

16.5%