Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2023-36899

🗓️ 08 Aug 2023 18:34:05Reported by microsoftType 
cve
 cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 194 Views

ASP.NET Elevation of Privilege Vulnerabilit

Related
Detection
Affected
Refs
Social
ReporterTitlePublishedViews
Family
GithubExploit		Exploit for Improper Input Validation in Microsoft
15 Aug 202323:36
githubexploit
ATTACKERKB		CVE-2023-36899
8 Aug 202319:15
attackerkb
Circl		CVE-2023-36899
10 Aug 202316:18
circl
CNNVD		Microsoft ASP.NET Core Security Vulnerability
8 Aug 202300:00
cnnvd
Cvelist		CVE-2023-36899 ASP.NET Elevation of Privilege Vulnerability
8 Aug 202318:34
cvelist
Microsoft KB		August 8, 2023-KB5028948 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2
8 Aug 202307:00
mskb
Microsoft KB		August 8, 2023-KB5028952 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016
8 Aug 202307:00
mskb
Microsoft KB		August 8, 2023—KB5029242 (OS Build 14393.6167) - EXPIRED
8 Aug 202307:00
mskb
Microsoft KB		August 8, 2023—KB5029259 (OS Build 10240.20107) - EXPIRED
8 Aug 202307:00
mskb
Microsoft KB		August 8, 2023-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 7 Standard and Windows Server 2008 R2 SP1 (KB5029566)
8 Aug 202307:00
mskb
Rows per page
NVD
Vulners
CNA
Node
microsoft.net_frameworkMatch4.8
AND
microsoftwindows_server_2008Matchr2sp1x64
OR
microsoftwindows_server_2012Match-
OR
microsoftwindows_server_2012Matchr2
OR
microsoftwindows_server_2016Match-
Node
microsoft.net_frameworkMatch4.6.2
OR
microsoft.net_frameworkMatch4.7
OR
microsoft.net_frameworkMatch4.7.1
OR
microsoft.net_frameworkMatch4.7.2
AND
microsoftwindows_server_2008Match-sp2x64
OR
microsoftwindows_server_2008Matchr2sp1x64
OR
microsoftwindows_server_2012Match-
OR
microsoftwindows_server_2012Matchr2
OR
microsoftwindows_server_2016Match-
Node
microsoft.net_frameworkMatch4.6.2
AND
microsoftwindows_server_2008Match-sp2x64
OR
microsoftwindows_server_2008Match-sp2x86
Node
microsoft.net_frameworkMatch3.5
OR
microsoft.net_frameworkMatch4.8.1
AND
microsoftwindows_10_1809Match-arm64
OR
microsoftwindows_10_1809Match-x64
OR
microsoftwindows_10_1809Match-x86
OR
microsoftwindows_10_21h2Match-arm64
OR
microsoftwindows_10_21h2Match-x64
OR
microsoftwindows_10_21h2Match-x86
OR
microsoftwindows_10_22h2Match-arm64
OR
microsoftwindows_10_22h2Match-x64
OR
microsoftwindows_10_22h2Match-x86
OR
microsoftwindows_11_21h2Match-arm64
OR
microsoftwindows_11_21h2Match-x64
OR
microsoftwindows_server_2016Match-
OR
microsoftwindows_server_2019Match-
OR
microsoftwindows_server_2022Match-
Node
microsoft.net_frameworkMatch3.5
OR
microsoft.net_frameworkMatch4.7.2
AND
microsoftwindows_10_1809Match-arm64
OR
microsoftwindows_10_1809Match-x64
OR
microsoftwindows_10_1809Match-x86
OR
microsoftwindows_server_2019Match-
Node
microsoft.net_frameworkMatch2.0sp2
AND
microsoftwindows_server_2008Match-sp2x64
OR
microsoftwindows_server_2008Match-sp2x86
[
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 4.8",
    "platforms": [
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
      "Windows Server 2012",
      "Windows Server 2012 (Server Core installation)",
      "Windows Server 2012 R2 (Server Core installation)",
      "Windows Server 2012 R2",
      "Windows 10 Version 1607 for x64-based Systems",
      "Windows 10 Version 1607 for 32-bit Systems",
      "Windows Server 2016",
      "Windows Server 2016 (Server Core installation)"
    ],
    "versions": [
      {
        "version": "4.8.0",
        "lessThan": "4.8.4654.06",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 3.5 AND 4.8",
    "platforms": [
      "Windows 10 Version 21H2 for 32-bit Systems",
      "Windows 10 Version 21H2 for x64-based Systems",
      "Windows 10 Version 21H2 for ARM64-based Systems",
      "Windows 10 Version 22H2 for x64-based Systems",
      "Windows 10 Version 22H2 for ARM64-based Systems",
      "Windows 10 Version 22H2 for 32-bit Systems",
      "Windows 10 Version 1809 for x64-based Systems",
      "Windows 10 Version 1809 for 32-bit Systems",
      "Windows Server 2022 (Server Core installation)",
      "Windows Server 2019 (Server Core installation)",
      "Windows Server 2022",
      "Windows Server 2019",
      "Windows 10 Version 1809 for ARM64-based Systems",
      "Windows 11 version 21H2 for x64-based Systems",
      "Windows 11 version 21H2 for ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "4.8.0",
        "lessThan": "4.8.04654.06",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2",
    "platforms": [
      "Windows 10 Version 1607 for x64-based Systems",
      "Windows 10 Version 1607 for 32-bit Systems",
      "Windows Server 2016",
      "Windows Server 2016 (Server Core installation)"
    ],
    "versions": [
      {
        "version": "3.0.0.0",
        "lessThan": "10.0.14393.6167",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
    "platforms": [
      "Windows Server 2012",
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
      "Windows Server 2012 (Server Core installation)",
      "Windows Server 2012 R2",
      "Windows Server 2012 R2 (Server Core installation)"
    ],
    "versions": [
      {
        "version": "4.7.0",
        "lessThan": "4.7.04057.05",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 3.5 AND 4.8.1",
    "platforms": [
      "Windows 10 Version 21H2 for 32-bit Systems",
      "Windows 11 version 21H2 for x64-based Systems",
      "Windows 11 version 21H2 for ARM64-based Systems",
      "Windows 11 Version 22H2 for x64-based Systems",
      "Windows 11 Version 22H2 for ARM64-based Systems",
      "Windows 10 Version 21H2 for x64-based Systems",
      "Windows 10 Version 21H2 for ARM64-based Systems",
      "Windows Server 2022",
      "Windows Server 2022 (Server Core installation)",
      "Windows 10 Version 22H2 for x64-based Systems",
      "Windows 10 Version 22H2 for ARM64-based Systems",
      "Windows 10 Version 22H2 for 32-bit Systems"
    ],
    "versions": [
      {
        "version": "4.8.1",
        "lessThan": "4.8.09176.01",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 3.5 AND 4.7.2",
    "platforms": [
      "Windows 10 Version 1809 for ARM64-based Systems",
      "Windows 10 Version 1809 for 32-bit Systems",
      "Windows 10 Version 1809 for x64-based Systems",
      "Windows Server 2019",
      "Windows Server 2019 (Server Core installation)"
    ],
    "versions": [
      {
        "version": "4.7.0",
        "lessThan": "4.7.4057.05",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 4.6.2",
    "platforms": [
      "Windows Server 2008 for 32-bit Systems Service Pack 2",
      "Windows Server 2008 for x64-based Systems Service Pack 2",
      "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)",
      "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)"
    ],
    "versions": [
      {
        "version": "4.7.0",
        "lessThan": "4.7.04057.05",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 3.5 and 4.6.2",
    "platforms": [
      "Windows 10 for x64-based Systems",
      "Windows 10 for 32-bit Systems"
    ],
    "versions": [
      {
        "version": "4.7.0",
        "lessThan": "10.0.10240.20107",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 2.0 Service Pack 2",
    "platforms": [
      "Windows Server 2008 for x64-based Systems Service Pack 2",
      "Windows Server 2008 for 32-bit Systems Service Pack 2"
    ],
    "versions": [
      {
        "version": "2.0.0",
        "lessThan": "2.0.50727.8974",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
01 Jan 2025 01:58Current
8.6High risk
Vulners AI Score8.6
CVSS 3.18.8
EPSS0.70037
SSVC
CWE-20In Wild
cve-2023-36899asp.netelevation of privilegevulnerabilitynvd
194