Lucene search
HistoryOct 10, 2023 - 6:15 p.m.
CVE-2023-36584
windows mark of the web
security bypass
vulnerability
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
7.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.9%
Windows Mark of the Web Security Feature Bypass Vulnerability
Affected configurations
Node
microsoftwindows_10_1507Range<10.0.10240.20232x64
ORmicrosoftwindows_10_1507Range<10.0.10240.20232x86
ORmicrosoftwindows_10_1809Range<10.0.17763.4974arm64
ORmicrosoftwindows_10_1809Range<10.0.17763.4974x64
ORmicrosoftwindows_10_1809Range<10.0.17763.4974x86
ORmicrosoftwindows_10_21h1Range<10.0.19041.3570arm64
ORmicrosoftwindows_10_21h1Range<10.0.19041.3570x64
ORmicrosoftwindows_10_21h1Range<10.0.19041.3570x86
ORmicrosoftwindows_10_22h2Range<10.0.19041.3570arm64
ORmicrosoftwindows_10_22h2Range<10.0.19041.3570x64
ORmicrosoftwindows_10_22h2Range<10.0.19041.3570x86
ORmicrosoftwindows_11_21h2Range<10.0.22000.2538arm64
ORmicrosoftwindows_11_21h2Range<10.0.22000.2538x64
ORmicrosoftwindows_11_22h2Range<10.0.22621.2428arm64
ORmicrosoftwindows_11_22h2Range<10.0.22621.2428x64
ORmicrosoftwindows_server_2008Match-sp2x64
ORmicrosoftwindows_server_2008Match-sp2x86
ORmicrosoftwindows_server_2008Matchr2sp1x64
ORmicrosoftwindows_server_2012Match-
ORmicrosoftwindows_server_2012Matchr2
ORmicrosoftwindows_server_2016Match-
ORmicrosoftwindows_server_2019Match-
ORmicrosoftwindows_server_2022Match-
Related
cvelist
cvelist
CVE-2023-36584 Windows Mark of the Web Security Feature Bypass Vulnerability
2023-10-10 17:07:51
cisa_kev
cisa_kev
cve
cve
CVE-2023-36584
2023-10-10 18:15:14
mscve
mscve
Windows Mark of the Web Security Feature Bypass Vulnerability
2023-10-10 07:00:00
attackerkb
attackerkb
CVE-2023-36584
2023-10-10 00:00:00
prion
prion
Security feature bypass
2023-10-10 18:15:00
thn
thn
CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog
2023-11-17 05:57:00
nessus
nessus
KB5031411: Windows Server 2008 Security Update (October 2023)
2023-10-10 00:00:00
KB5031407: Windows Server 2012 R2 Security Update (October 2023)
2023-10-10 00:00:00
KB5031441: Windows Server 2008 R2 Security Update (October 2023)
2023-10-10 00:00:00
mskb
mskb
October 10, 2023âKB5031411 (Security-only update)
2023-10-10 07:00:00
October 10, 2023âKB5031416 (Monthly Rollup)
2023-10-10 07:00:00
October 10, 2023âKB5031442 (Monthly Rollup)
2023-10-10 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5031377)
2023-10-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5031362)
2023-10-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5031356)
2023-10-11 00:00:00
kaspersky
kaspersky
KLA61359 Multiple vulnerabilities in Microsoft Products (ESU)
2023-10-10 00:00:00
KLA61358 Multiple vulnerabilities in Microsoft Windows
2023-10-10 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - October 2023
2023-10-10 20:34:57
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
7.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.9%
Related for NVD:CVE-2023-36584