Lucene search

CVE-2023-36558

🗓️ 14 Nov 2023 22:29:15Reported by microsoftType

ASP.NET Core Security Feature Bypass Vulnerability CVE-2023-3655

Reporter	Title	Published	Views	Family All 89
OSV	Microsoft Security Advisory CVE-2023-36558: .NET Security Feature Bypass Vulnerability	14 Nov 202320:36	–	osv
OSV	BIT-aspnet-core-2023-36558	6 Mar 202410:51	–	osv
OSV	BIT-dotnet-sdk-2023-36558	6 Mar 202410:53	–	osv
OSV	BIT-dotnet-2023-36558	6 Mar 202410:53	–	osv
OSV	Moderate: dotnet6.0 security update	15 Nov 202300:00	–	osv
OSV	Moderate: dotnet7.0 security update	15 Nov 202300:00	–	osv
OSV	Moderate: dotnet6.0 security update	15 Nov 202300:00	–	osv
OSV	RHSA-2023:7254 Red Hat Security Advisory: dotnet8.0 security update	16 Sep 202415:43	–	osv
OSV	RHSA-2023:7257 Red Hat Security Advisory: dotnet6.0 security update	16 Sep 202415:42	–	osv
OSV	RHSA-2023:7255 Red Hat Security Advisory: dotnet7.0 security update	16 Sep 202415:43	–	osv

Nvd

Vulners

Node

microsoft .netRange6.0.0–6.0.25

microsoft .netRange7.0.0–7.0.14

microsoft .netMatch8.0.0rc1

microsoft .netMatch8.0.0rc2

microsoft asp.net_coreRange6.0.0–6.0.25

microsoft asp.net_coreRange7.0.0–7.0.14

microsoft asp.net_coreMatch8.0.0-

microsoft visual_studio_2022Range17.2–17.2.22

microsoft visual_studio_2022Range17.4–17.4.14

microsoft visual_studio_2022Range17.6–17.6.10

microsoft visual_studio_2022Range17.7–17.7.7

[
  {
    "vendor": "Microsoft",
    "product": ".NET 6.0",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "6.0.0",
        "lessThan": "6.0.25",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "ASP.NET Core 6.0",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "6.0",
        "lessThan": "6.0.25",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": ".NET 7.0",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "7.0.0",
        "lessThan": "7.0.14",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.2",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.2.0",
        "lessThan": "17.2.22",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": ".NET 8.0",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0.0",
        "lessThan": "8.0.0",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.4",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.4.0",
        "lessThan": "17.4.14",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.6",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.6.0",
        "lessThan": "17.6.10",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.7",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.7.0",
        "lessThan": "17.7.7",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "ASP.NET Core 7.0",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "7.0.0",
        "lessThan": "7.0.14",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "ASP.NET Core 8.0",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0.0",
        "lessThan": "8.0.0",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36558

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Nov 2023 22:15Current

7.5High risk

Vulners AI Score7.5

CVSS35.5 - 6.2

EPSS0.00043

SSVC