Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2023-36899 ASP.NET Elevation of Privilege Vulnerability

🗓️ 08 Aug 2023 18:34:05Reported by microsoftType 
cvelist
 cvelist🔗 www.cve.org👁 29 Views

ASP.NET Privilege Elevation Vulnerability CVE-2023-3689

Related
Affected
Refs
ReporterTitlePublishedViews
Family
GithubExploit		Exploit for Improper Input Validation in Microsoft
15 Aug 202323:36
githubexploit
ATTACKERKB		CVE-2023-36899
8 Aug 202319:15
attackerkb
BDU FSTEC		The vulnerability of the Microsoft .NET Framework software, related to insufficient validation of input data, allows attackers to escalate their privileges.
11 Aug 202300:00
bdu_fstec
Circl		CVE-2023-36899
10 Aug 202316:18
circl
CNNVD		Microsoft ASP.NET Core Security Vulnerability
8 Aug 202300:00
cnnvd
CVE		CVE-2023-36899
8 Aug 202318:34
cve
Microsoft KB		August 8, 2023-KB5028948 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2
8 Aug 202307:00
mskb
Microsoft KB		August 8, 2023-KB5028952 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016
8 Aug 202307:00
mskb
Microsoft KB		August 8, 2023—KB5029242 (OS Build 14393.6167) - EXPIRED
8 Aug 202307:00
mskb
Microsoft KB		August 8, 2023—KB5029259 (OS Build 10240.20107) - EXPIRED
8 Aug 202307:00
mskb
Rows per page
[
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 4.8",
    "platforms": [
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
      "Windows Server 2012",
      "Windows Server 2012 (Server Core installation)",
      "Windows Server 2012 R2 (Server Core installation)",
      "Windows Server 2012 R2",
      "Windows 10 Version 1607 for x64-based Systems",
      "Windows 10 Version 1607 for 32-bit Systems",
      "Windows Server 2016",
      "Windows Server 2016 (Server Core installation)"
    ],
    "versions": [
      {
        "version": "4.8.0",
        "lessThan": "4.8.4654.06",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 3.5 AND 4.8",
    "platforms": [
      "Windows 10 Version 21H2 for 32-bit Systems",
      "Windows 10 Version 21H2 for x64-based Systems",
      "Windows 10 Version 21H2 for ARM64-based Systems",
      "Windows 10 Version 22H2 for x64-based Systems",
      "Windows 10 Version 22H2 for ARM64-based Systems",
      "Windows 10 Version 22H2 for 32-bit Systems",
      "Windows 10 Version 1809 for x64-based Systems",
      "Windows 10 Version 1809 for 32-bit Systems",
      "Windows Server 2022 (Server Core installation)",
      "Windows Server 2019 (Server Core installation)",
      "Windows Server 2022",
      "Windows Server 2019",
      "Windows 10 Version 1809 for ARM64-based Systems",
      "Windows 11 version 21H2 for x64-based Systems",
      "Windows 11 version 21H2 for ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "4.8.0",
        "lessThan": "4.8.04654.06",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2",
    "platforms": [
      "Windows 10 Version 1607 for x64-based Systems",
      "Windows 10 Version 1607 for 32-bit Systems",
      "Windows Server 2016",
      "Windows Server 2016 (Server Core installation)"
    ],
    "versions": [
      {
        "version": "3.0.0.0",
        "lessThan": "10.0.14393.6167",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
    "platforms": [
      "Windows Server 2012",
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
      "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
      "Windows Server 2012 (Server Core installation)",
      "Windows Server 2012 R2",
      "Windows Server 2012 R2 (Server Core installation)"
    ],
    "versions": [
      {
        "version": "4.7.0",
        "lessThan": "4.7.04057.05",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 3.5 AND 4.8.1",
    "platforms": [
      "Windows 10 Version 21H2 for 32-bit Systems",
      "Windows 11 version 21H2 for x64-based Systems",
      "Windows 11 version 21H2 for ARM64-based Systems",
      "Windows 11 Version 22H2 for x64-based Systems",
      "Windows 11 Version 22H2 for ARM64-based Systems",
      "Windows 10 Version 21H2 for x64-based Systems",
      "Windows 10 Version 21H2 for ARM64-based Systems",
      "Windows Server 2022",
      "Windows Server 2022 (Server Core installation)",
      "Windows 10 Version 22H2 for x64-based Systems",
      "Windows 10 Version 22H2 for ARM64-based Systems",
      "Windows 10 Version 22H2 for 32-bit Systems"
    ],
    "versions": [
      {
        "version": "4.8.1",
        "lessThan": "4.8.09176.01",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 3.5 AND 4.7.2",
    "platforms": [
      "Windows 10 Version 1809 for ARM64-based Systems",
      "Windows 10 Version 1809 for 32-bit Systems",
      "Windows 10 Version 1809 for x64-based Systems",
      "Windows Server 2019",
      "Windows Server 2019 (Server Core installation)"
    ],
    "versions": [
      {
        "version": "4.7.0",
        "lessThan": "4.7.4057.05",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 4.6.2",
    "platforms": [
      "Windows Server 2008 for 32-bit Systems Service Pack 2",
      "Windows Server 2008 for x64-based Systems Service Pack 2",
      "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)",
      "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)"
    ],
    "versions": [
      {
        "version": "4.7.0",
        "lessThan": "4.7.04057.05",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 3.5 and 4.6.2",
    "platforms": [
      "Windows 10 for x64-based Systems",
      "Windows 10 for 32-bit Systems"
    ],
    "versions": [
      {
        "version": "4.7.0",
        "lessThan": "10.0.10240.20107",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft .NET Framework 2.0 Service Pack 2",
    "platforms": [
      "Windows Server 2008 for x64-based Systems Service Pack 2",
      "Windows Server 2008 for 32-bit Systems Service Pack 2"
    ],
    "versions": [
      {
        "version": "2.0.0",
        "lessThan": "2.0.50727.8974",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
01 Jan 2025 01:58Current
8.8High risk
Vulners AI Score8.8
CVSS 3.18.8
EPSS0.70037
CWE-20
asp.netprivilege elevationvulnerabilitycve-2023-36899
29