6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
7.7 High
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.8%
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by security feature bypass vulnerability as referenced in the vendor advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(185884);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/16");
script_cve_id("CVE-2023-36558");
script_xref(name:"IAVA", value:"2023-A-0617-S");
script_name(english:"Security Update for Microsoft ASP.NET Core (November 2023) (CVE-2023-36558)");
script_set_attribute(attribute:"synopsis", value:
"The remote Windows host is affected by a ASP.NET Core vulnerability");
script_set_attribute(attribute:"description", value:
"The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by
security feature bypass vulnerability as referenced in the vendor advisory.
- ASP.NET Core - Security Feature Bypass Vulnerability (CVE-2023-36558)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://dotnet.microsoft.com/download/dotnet/6.0");
script_set_attribute(attribute:"see_also", value:"https://dotnet.microsoft.com/en-us/download/dotnet/7.0");
script_set_attribute(attribute:"see_also", value:"https://dotnet.microsoft.com/en-us/download/dotnet/8.0");
script_set_attribute(attribute:"see_also", value:"https://github.com/dotnet/announcements/issues/288");
script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36558");
script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/help/5032883");
script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/help/5032884");
# https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.25/6.0.25.md
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?aac42578");
# https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.14/7.0.14.md
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5cacbbd5");
# https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.0/8.0.0.md
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1e233323");
script_set_attribute(attribute:"solution", value:
"Update .NET Core, remove vulnerable packages and refer to vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-36558");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/11/14");
script_set_attribute(attribute:"patch_publication_date", value:"2023/11/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/16");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:asp.net_core");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows : Microsoft Bulletins");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("microsoft_asp_dotnet_core_win.nbin");
script_require_keys("installed_sw/ASP .NET Core Windows");
exit(0);
}
include('vcf.inc');
var app = 'ASP .NET Core Windows';
var conversions = {"preview" : -70, "rc": -20};
vcf::add_conversions(conversions);
var app_info = vcf::get_app_info(app:app, win_local:TRUE);
var constraints = [
{ 'min_version' : '6.0.0', 'fixed_version' : '6.0.25' },
{ 'min_version' : '7.0.0', 'fixed_version' : '7.0.14' },
{ 'min_version' : '8.0.0-preview.1', 'fixed_version' : '8.0.0' }
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | asp.net_core | cpe:/a:microsoft:asp.net_core |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36558
www.nessus.org/u?1e233323
www.nessus.org/u?5cacbbd5
www.nessus.org/u?aac42578
dotnet.microsoft.com/download/dotnet/6.0
dotnet.microsoft.com/en-us/download/dotnet/7.0
dotnet.microsoft.com/en-us/download/dotnet/8.0
github.com/dotnet/announcements/issues/288
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36558
support.microsoft.com/help/5032883
support.microsoft.com/help/5032884
6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
7.7 High
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.8%