Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-36560
HistoryNov 14, 2023 - 6:15 p.m.

CVE-2023-36560

2023-11-1418:15:48
[email protected]
web.nvd.nist.gov
1
asp.net
security feature bypass
vulnerability

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0005 Low

EPSS

Percentile

17.0%

JSON

ASP.NET Security Feature Bypass Vulnerability

Affected configurations

NVD
Node
microsoft.net_frameworkMatch2.0sp2
AND
microsoftwindows_server_2008Match-sp2x64
OR
microsoftwindows_server_2008Match-sp2x86
Node
microsoft.net_frameworkMatch3.0sp2
AND
microsoftwindows_server_2008Match-sp2x64
Node
microsoft.net_frameworkMatch3.5-
AND
microsoftwindows_server_2012Match-
OR
microsoftwindows_server_2012Matchr2
Node
microsoft.net_frameworkMatch3.5-
OR
microsoft.net_frameworkMatch4.6.2
OR
microsoft.net_frameworkMatch4.7
OR
microsoft.net_frameworkMatch4.7.1
OR
microsoft.net_frameworkMatch4.7.2
AND
microsoftwindows_server_2016Match-
OR
microsoftwindows_server_2019Match-
Node
microsoft.net_frameworkMatch3.5-
OR
microsoft.net_frameworkMatch4.7.2
AND
microsoftwindows_10_1507Match-x64
OR
microsoftwindows_10_1507Match-x86
OR
microsoftwindows_10_1809Match-arm64
OR
microsoftwindows_10_1809Match-x64
OR
microsoftwindows_10_1809Match-x86
OR
microsoftwindows_server_2016Match-
OR
microsoftwindows_server_2019Match-
Node
microsoft.net_frameworkMatch3.5-
OR
microsoft.net_frameworkMatch4.8
AND
microsoftwindows_10_1809Match-x64
OR
microsoftwindows_10_1809Match-x86
OR
microsoftwindows_10_21h2Match-arm64
OR
microsoftwindows_10_21h2Match-x64
OR
microsoftwindows_10_22h2Match-arm64
OR
microsoftwindows_10_22h2Match-x64
OR
microsoftwindows_10_22h2Match-x86
OR
microsoftwindows_11_21h2Match-arm64
OR
microsoftwindows_11_21h2Match-x64
OR
microsoftwindows_server_2019Match-
OR
microsoftwindows_server_2022Match-
Node
microsoft.net_frameworkMatch3.5-
OR
microsoft.net_frameworkMatch4.8.1
AND
microsoftwindows_10_1809Match-x64
OR
microsoftwindows_10_1809Match-x86
OR
microsoftwindows_10_21h2Match-arm64
OR
microsoftwindows_10_21h2Match-x64
OR
microsoftwindows_10_22h2Match-arm64
OR
microsoftwindows_10_22h2Match-x64
OR
microsoftwindows_10_22h2Match-x86
OR
microsoftwindows_11_21h2Match-arm64
OR
microsoftwindows_11_21h2Match-x64
OR
microsoftwindows_11_22h2Match-arm64
OR
microsoftwindows_11_22h2Match-x64
OR
microsoftwindows_11_23h2Match-arm64
OR
microsoftwindows_11_23h2Match-x64
OR
microsoftwindows_server_2022Match-
Node
microsoft.net_frameworkMatch3.5.1
AND
microsoftwindows_server_2008Matchr2sp1x64
Node
microsoft.net_frameworkMatch4.6.2
AND
microsoftwindows_server_2008Match-sp2x64
OR
microsoftwindows_server_2008Match-sp2x86
Node
microsoft.net_frameworkMatch4.6.2
OR
microsoft.net_frameworkMatch4.7
OR
microsoft.net_frameworkMatch4.7.1
OR
microsoft.net_frameworkMatch4.7.2
AND
microsoftwindows_server_2008Matchr2sp1x64
OR
microsoftwindows_server_2008Matchr2sp1x86
OR
microsoftwindows_server_2012Match-
OR
microsoftwindows_server_2012Matchr2
Node
microsoft.net_frameworkMatch4.8
AND
microsoftwindows_10_1607Match-x64
OR
microsoftwindows_server_2008Match-sp2x64
OR
microsoftwindows_server_2008Match-sp2x86
OR
microsoftwindows_server_2012Match-
OR
microsoftwindows_server_2012Matchr2
OR
microsoftwindows_server_2016Match-
OR
microsoftwindows_server_2019Match-

Related

vulnrichment 1
cvelist 1
prion 1
cve 1
mscve 1
mskb 17
nessus 1
openvas 6
kaspersky 1
ics 1
rapid7blog 1
vulnrichment
vulnrichment
CVE-2023-36560 ASP.NET Security Feature Bypass Vulnerability
2023-11-14 17:57:05
cvelist
cvelist
CVE-2023-36560 ASP.NET Security Feature Bypass Vulnerability
2023-11-14 17:57:05
prion
prion
Security feature bypass
2023-11-14 18:15:00
cve
cve
CVE-2023-36560
2023-11-14 18:15:48
mscve
mscve
ASP.NET Security Feature Bypass Vulnerability
2023-11-14 08:00:00
mskb
mskb
November 14, 2023-Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 7 Standard and Windows Server 2008 R2 SP1 (KB5032341)
2023-11-14 08:00:00
November 14, 2023-KB5032478 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Azure Stack HCI, version 22H2
2023-11-14 00:00:00
November 14, 2023-KB5032338 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2
2023-11-14 08:00:00
nessus
nessus
Security Updates for Microsoft .NET Framework (November 2023)
2023-11-16 00:00:00
openvas
openvas
Microsoft .NET Framework Multiple Vulnerabilities (KB5032337)
2023-11-15 00:00:00
Microsoft .NET Framework Multiple Vulnerabilities (KB5032007)
2023-11-15 00:00:00
Microsoft .NET Framework Multiple Vulnerabilities (KB5031989)
2023-11-15 00:00:00
kaspersky
kaspersky
KLA61979 Multiple vulnerabilities in Microsoft Developer Tools
2023-11-14 00:00:00
ics
ics
Siemens Telecontrol Server Basic
2024-04-11 12:00:00
rapid7blog
rapid7blog
Patch Tuesday - November 2023
2023-11-14 21:27:09

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0005 Low

EPSS

Percentile

17.0%

JSON
Related for NVD:CVE-2023-36560
vulnrichment1cvelist1prion1cve1mscve1mskb17nessus1openvas6kaspersky1ics1rapid7blog1