CVE-2023-33170

Опубликовано: 11 июл. 2023

Источник: msrc

CVSS3: 8.1

EPSS Низкий

Описание

ASP.NET and Visual Studio Security Feature Bypass Vulnerability

FAQ

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition and also to take additional actions prior to exploitation to prepare the target environment.

Обновления

Продукт	Статья	Обновление
Microsoft Visual Studio 2022 version 17.0	Release Notes	Security Update
.NET 6.0	5028705	Security Update
Microsoft Visual Studio 2022 version 17.2	Release Notes	Security Update
Microsoft Visual Studio 2022 version 17.4	Release Notes	Security Update
.NET 7.0	5028706	Security Update
Microsoft Visual Studio 2022 version 17.6	Release Notes	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 35%

0.00143

Низкий

8.1 High

CVSS3

Связанные уязвимости

CVE-2023-33170

CVSS3: 8.1

ubuntu

около 2 лет назад

ASP.NET and Visual Studio Security Feature Bypass Vulnerability

CVE-2023-33170

CVSS3: 8.1

redhat

около 2 лет назад

ASP.NET and Visual Studio Security Feature Bypass Vulnerability

CVE-2023-33170

CVSS3: 8.1

nvd

около 2 лет назад

ASP.NET and Visual Studio Security Feature Bypass Vulnerability

RLSA-2023:4059

rocky

почти 2 года назад

Important: .NET 6.0 security, bug fix, and enhancement update

RLSA-2023:4058

rocky

почти 2 года назад

Important: .NET 7.0 security, bug fix, and enhancement update

EPSS

Процентиль: 35%

0.00143

Низкий

8.1 High

CVSS3