Lucene search

K
cvelistMicrosoftCVELIST:CVE-2023-33127
HistoryJul 11, 2023 - 5:03 p.m.

CVE-2023-33127 .NET and Visual Studio Elevation of Privilege Vulnerability

2023-07-1117:03:05
CWE-1220
microsoft
www.cve.org

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

8.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.4%

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": ".NET 6.0",
    "cpes": [
      "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "6.0.0",
        "lessThan": "6.0.20",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": ".NET 7.0",
    "cpes": [
      "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "7.0.0",
        "lessThan": "7.0.9",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.0",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.0.0",
        "lessThan": "17.0.23",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.2",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.2.0",
        "lessThan": "17.2.17",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.4",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.4.0",
        "lessThan": "17.4.9",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Visual Studio 2022 version 17.6",
    "cpes": [
      "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.6.0",
        "lessThan": "17.6.5",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "PowerShell 7.2",
    "cpes": [
      "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "7.2.0",
        "lessThan": "7.2.13",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "PowerShell 7.3",
    "cpes": [
      "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "7.3.0",
        "lessThan": "7.3.6",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

8.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.4%