Lucene search
MicrosoftCVE-2023-21566HistoryFeb 14, 2023 - 9:15 p.m.
CVE-2023-21566
2023-02-1421:15:10
CWE-73
microsoft
web.nvd.nist.gov
86
visual studio
elevation of privilege
vulnerability
cve-2023-21566
nvd
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0
Percentile
9.5%
Visual Studio Elevation of Privilege Vulnerability
Affected configurations
Node
microsoftvisual_studio_2017Range15.0–15.9.52
ORmicrosoftvisual_studio_2019Range16.0–16.11.24
ORmicrosoftvisual_studio_2022Range17.0–17.0.19
ORmicrosoftvisual_studio_2022Range17.2–17.2.13
ORmicrosoftvisual_studio_2022Range17.4–17.4.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | visual_studio_2017 | * | cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
| microsoft | visual_studio_2019 | * | cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
| microsoft | visual_studio_2022 | * | cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.2",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.2.0",
"lessThan": "17.2.13",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "15.9.0",
"lessThan": "15.9.52",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.4",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.4.0",
"lessThan": "17.4.5",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2022 version 17.0",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "17.0.0",
"lessThan": "17.0.19",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
"cpes": [
"cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.11.0",
"lessThan": "16.11.24",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2023-21566 Visual Studio Elevation of Privilege Vulnerability
2023-02-14 20:09:08
prion
prion
Privilege escalation
2023-02-14 21:15:00
mscve
mscve
Visual Studio Elevation of Privilege Vulnerability
2023-02-14 08:00:00
vulnrichment
vulnrichment
CVE-2023-21566 Visual Studio Elevation of Privilege Vulnerability
2023-02-14 20:09:08
nvd
nvd
CVE-2023-21566
2023-02-14 21:15:10
nessus
nessus
Security Updates for Microsoft Visual Studio Products (February 2023)
2023-02-14 00:00:00
kaspersky
kaspersky
KLA20235 Multiple vulnerabilities in Microsoft Developer Tools
2023-02-14 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - February 2023
2023-02-15 00:41:59
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0
Percentile
9.5%
Related for CVE-2023-21566