All the vulnerabilites related to Microsoft - PowerShell 7.3
cve-2023-33128
Vulnerability from cvelistv5
Published
2023-06-13 23:26
Modified
2024-08-02 15:39
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
Impacted products
Vendor Product Version
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.7
    cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.0 Version: 17.0.0   < 17.0.22
    cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.2 Version: 17.2.0   < 17.2.16
    cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.8
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.3
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.5
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-33128",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-08T14:18:33.333686Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-08T14:18:51.143Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:39:35.239Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": ".NET and Visual Studio Remote Code Execution Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33128"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 6.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.18",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.7",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.0.22",
              "status": "affected",
              "version": "17.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.2.16",
              "status": "affected",
              "version": "17.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.8",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.3",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.5",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-06-13T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": ".NET and Visual Studio Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-19T20:22:22.547Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": ".NET and Visual Studio Remote Code Execution Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33128"
        }
      ],
      "title": ".NET and Visual Studio Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-33128",
    "datePublished": "2023-06-13T23:26:22.949Z",
    "dateReserved": "2023-05-17T21:16:44.895Z",
    "dateUpdated": "2024-08-02T15:39:35.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-33127
Vulnerability from cvelistv5
Published
2023-07-11 17:03
Modified
2024-08-02 15:39
Summary
.NET and Visual Studio Elevation of Privilege Vulnerability
Impacted products
Vendor Product Version
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.9
    cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.0 Version: 17.0.0   < 17.0.23
    cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.2 Version: 17.2.0   < 17.2.17
    cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.9
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.5
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft PowerShell 7.2 Version: 7.2.0   < 7.2.13
    cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.6
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:39:35.413Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": ".NET and Visual Studio Elevation of Privilege Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 6.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.20",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.9",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.0.23",
              "status": "affected",
              "version": "17.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.2.17",
              "status": "affected",
              "version": "17.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.9",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.5",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.13",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.6",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-07-11T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": ".NET and Visual Studio Elevation of Privilege Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1220",
              "description": "CWE-1220: Insufficient Granularity of Access Control",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T02:58:25.472Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": ".NET and Visual Studio Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127"
        }
      ],
      "title": ".NET and Visual Studio Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-33127",
    "datePublished": "2023-07-11T17:03:05.826Z",
    "dateReserved": "2023-05-17T21:16:44.895Z",
    "dateUpdated": "2024-08-02T15:39:35.413Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-38171
Vulnerability from cvelistv5
Published
2023-10-10 17:07
Modified
2024-12-10 18:20
Summary
Microsoft QUIC Denial of Service Vulnerability
Impacted products
Vendor Product Version
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.13
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.9
Microsoft Microsoft Visual Studio 2022 version 17.7 Version: 17.7.0   < 17.7.6
Microsoft Windows Server 2022 Version: 10.0.0   < 10.0.20348.2031
Microsoft Windows 11 version 21H2 Version: 10.0.0   < 10.0.22000.2538
Microsoft Windows 11 version 22H2 Version: 10.0.0   < 10.0.22621.2428
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.13
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.9
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:30:14.169Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Microsoft QUIC Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38171"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.2.21",
              "status": "affected",
              "version": "17.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.13",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.9",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.7",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.7.6",
              "status": "affected",
              "version": "17.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.2031",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22000.2538",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22621.2428",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.13",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.9",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "17.2.21",
                  "versionStartIncluding": "17.2.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "17.4.13",
                  "versionStartIncluding": "17.4.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "17.6.9",
                  "versionStartIncluding": "17.6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "17.7.6",
                  "versionStartIncluding": "17.7.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.2031",
                  "versionStartIncluding": "10.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.22000.2538",
                  "versionStartIncluding": "10.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.22621.2428",
                  "versionStartIncluding": "10.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0.13",
                  "versionStartIncluding": "7.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:powershell:*:-:*:*:*:*:*:*",
                  "versionEndExcluding": "7.3.9",
                  "versionStartIncluding": "7.3.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2023-10-10T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft QUIC Denial of Service Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-10T18:20:35.956Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft QUIC Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38171"
        }
      ],
      "title": "Microsoft QUIC Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-38171",
    "datePublished": "2023-10-10T17:07:23.843Z",
    "dateReserved": "2023-07-12T23:41:45.863Z",
    "dateUpdated": "2024-12-10T18:20:35.956Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-0057
Vulnerability from cvelistv5
Published
2024-01-09 17:56
Modified
2024-10-08 15:39
Summary
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
Impacted products
Vendor Product Version
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.15
    cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*
Microsoft .NET 6.0 Version: 6.0.0   < 6.0.26
    cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.2 Version: 17.2.0   < 17.2.23
    cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) Version: 16.11.0   < 16.11.34
    cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.15
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.11
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.8 Version: 17.8.0   < 17.8.4
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft NuGet 5.11.0 Version: 5.11.0   < 5.11.6.0
    cpe:2.3:a:microsoft:nuget:5.11.0:*:*:*:*:*:*:*
Microsoft NuGet 17.4.0 Version: 17.4.0   < 17.4.3.0
    cpe:2.3:a:microsoft:nuget:17.4.0:*:*:*:*:*:*:*
Microsoft NUGET 17.6.0 Version: 17.6.0   < 17.6.2.0
    cpe:2.3:a:microsoft:nuget:17.6.0:*:*:*:*:*:*:*
Microsoft NuGet 17.8.0 Version: 17.8.0   < 17.8.1.0
    cpe:2.3:a:microsoft:nuget:17.8.0:*:*:*:*:*:*:*
Microsoft PowerShell 7.2 Version: 7.2.0   < 7.2.18
    cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.11
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Microsoft PowerShell 7.4 Version: 7.4.0   < 7.4.2
    cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.8 Version: 4.8.0   < 4.8.04690.02
Version: 4.8.0   < 4.8.04690.01
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8 Version: 4.8.0   < 4.8.04690.02
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.7.2 Version: 4.7.0   < 4.7.04081.03
Version: 4.7.0   < 10.0.14393.6614
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 Version: 4.7.0   < 4.7.04081.02
Version: 4.7.0   < 4.7.04081.03
Version: 4.7.0   < 3.0.50727.8976
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8.1 Version: 4.8.1   < 4.8.09214.01
    cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 2.0 Service Pack 2 Version: 2.0.0   < 3.0.50727.8976
    cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.0 Service Pack 2 Version: 3.0.0   < 3.0.50727.8976
    cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:41:15.867Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240208-0007/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 8.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "8.0.1",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.15",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 6.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.26",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.2.23",
              "status": "affected",
              "version": "17.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.11.34",
              "status": "affected",
              "version": "16.11.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.15",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.11",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.8.4",
              "status": "affected",
              "version": "17.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:nuget:5.11.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "NuGet 5.11.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "5.11.6.0",
              "status": "affected",
              "version": "5.11.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:nuget:17.4.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "NuGet 17.4.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.3.0",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:nuget:17.6.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "NUGET 17.6.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.2.0",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:nuget:17.8.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "NuGet 17.8.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.8.1.0",
              "status": "affected",
              "version": "17.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.18",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.11",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.4.2",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1607 for 32-bit Systems",
            "Windows 10 Version 1607 for x64-based Systems",
            "Windows Server 2016",
            "Windows Server 2016 (Server Core installation)",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012",
            "Windows Server 2012 R2",
            "Windows Server 2012 R2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.04690.02",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.8.04690.01",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1809 for x64-based Systems",
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows Server 2019",
            "Windows Server 2019 (Server Core installation)",
            "Windows Server 2022",
            "Windows Server 2022 (Server Core installation)",
            "Windows 11 version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for x64-based Systems",
            "Windows 10 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for ARM64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.04690.02",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows 10 Version 1809 for x64-based Systems",
            "Windows 10 Version 1809 for ARM64-based Systems",
            "Windows Server 2019",
            "Windows Server 2019 (Server Core installation)",
            "Windows 10 Version 1607 for 32-bit Systems",
            "Windows 10 Version 1607 for x64-based Systems",
            "Windows Server 2016 (Server Core installation)",
            "Windows Server 2016"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.04081.03",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "10.0.14393.6614",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012",
            "Windows Server 2012 R2",
            "Windows Server 2012 R2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.04081.02",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.04081.03",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "3.0.50727.8976",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2022",
            "Windows Server 2022 (Server Core installation)",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 11 version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for x64-based Systems",
            "Windows 11 Version 22H2 for ARM64-based Systems",
            "Windows 11 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for ARM64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems",
            "Windows 11 Version 23H2 for ARM64-based Systems",
            "Windows 11 Version 23H2 for x64-based Systems",
            "Windows Server 2022, 23H2 Edition (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.09214.01",
              "status": "affected",
              "version": "4.8.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 2.0 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.50727.8976",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 3.0 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.50727.8976",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-01-09T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-08T15:39:52.262Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057"
        }
      ],
      "title": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2024-0057",
    "datePublished": "2024-01-09T17:56:59.552Z",
    "dateReserved": "2023-11-22T17:43:37.319Z",
    "dateUpdated": "2024-10-08T15:39:52.262Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-41076
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 12:35
Summary
PowerShell Remote Code Execution Vulnerability
Impacted products
Vendor Product Version
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.1
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Microsoft Windows 10 Version 1809 Version: 10.0.0   < 10.0.17763.3770
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3770:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3770:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3770:*:*:*:*:*:arm64:*
Microsoft Windows Server 2019 Version: 10.0.0   < 10.0.17763.3770
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3770:*:*:*:*:*:*:*
Microsoft Windows Server 2019 (Server Core installation) Version: 10.0.0   < 10.0.17763.3770
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3770:*:*:*:*:*:*:*
Microsoft Windows 10 Version 21H1 Version: 10.0.0   < 10.0.19043.2364
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.2364:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.2364:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.2364:*:*:*:*:*:x86:*
Microsoft Windows Server 2022 Version: 10.0.0   < 10.0.20348.1366
    cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1366:*:*:*:*:*:*:*
Microsoft Windows 10 Version 20H2 Version: 10.0.0   < 10.0.19042.2364
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.2364:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.2364:*:*:*:*:*:arm64:*
Microsoft Windows 11 version 21H2 Version: 10.0.0   < 10.0.22000.1335
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.1335:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.1335:*:*:*:*:*:arm64:*
Microsoft Windows 10 Version 21H2 Version: 10.0.0   < 10.0.19044.2364
    cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2364:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2364:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2364:*:*:*:*:*:x64:*
Microsoft Windows 11 version 22H2 Version: 10.0.0   < 10.0.22621.993
    cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.993:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.993:*:*:*:*:*:x64:*
Microsoft Windows 10 Version 22H2 Version: 10.0.0   < 10.0.19045.2364
    cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2364:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2364:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2364:*:*:*:*:*:x86:*
Microsoft Windows 10 Version 1507 Version: 10.0.0   < 10.0.10240.19624
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19624:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19624:*:*:*:*:*:x64:*
Microsoft Windows 10 Version 1607 Version: 10.0.0   < 10.0.14393.5582
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5582:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5582:*:*:*:*:*:x64:*
Microsoft Windows Server 2016 Version: 10.0.0   < 10.0.14393.5582
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5582:*:*:*:*:*:*:*
Microsoft Windows Server 2016 (Server Core installation) Version: 10.0.0   < 10.0.14393.5582
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5582:*:*:*:*:*:*:*
Microsoft Windows 7 Version: 6.1.0   < 6.1.7601.26266
    cpe:2.3:o:microsoft:windows_7:6.1.7601.26266:sp1:*:*:*:*:x86:*
Microsoft Windows 7 Service Pack 1 Version: 6.1.0   < 6.1.7601.26266
    cpe:2.3:o:microsoft:windows_7:6.1.7601.26266:sp1:*:*:*:*:x64:*
Microsoft Windows 8.1 Version: 6.3.0   < 6.3.9600.20721
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20721:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20721:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20721:*:*:*:*:*:*:*
Microsoft Windows Server 2008 Service Pack 2 Version: 6.0.0   < 6.0.6003.21815
    cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21815:*:*:*:*:*:x64:*
Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Version: 6.0.0   < 6.0.6003.21815
    cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21815:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21815:*:*:*:*:*:x86:*
Microsoft Windows Server 2008 Service Pack 2 Version: 6.0.0   < 6.0.6003.21815
    cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21815:*:*:*:*:*:x86:*
Microsoft Windows Server 2008 R2 Service Pack 1 Version: 6.1.0   < 6.1.7601.26266
    cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26266:*:*:*:*:*:x64:*
Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Version: 6.0.0   < 6.1.7601.26266
    cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26266:*:*:*:*:*:x64:*
Microsoft Windows Server 2012 Version: 6.2.0   < 6.2.9200.24018
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24018:*:*:*:*:*:x64:*
Microsoft Windows Server 2012 (Server Core installation) Version: 6.2.0   < 6.2.9200.24018
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24018:*:*:*:*:*:x64:*
Microsoft Windows Server 2012 R2 Version: 6.3.0   < 6.3.9600.20721
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20721:*:*:*:*:*:x64:*
Microsoft Windows Server 2012 R2 (Server Core installation) Version: 6.3.0   < 6.3.9600.20721
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20721:*:*:*:*:*:x64:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:35:49.474Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41076"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.8",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.1",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3770:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3770:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3770:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.3770",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3770:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.3770",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3770:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.3770",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.2364:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.2364:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.2364:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 21H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19043.2364",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1366:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.1366",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.2364:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.2364:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.2364",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.1335:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.1335:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22000.1335",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2364:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2364:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.2364:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19044.2364",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.993:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.993:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22621.993",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2364:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2364:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2364:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19045.2364",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19624:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19624:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1507",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19624",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5582:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5582:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.5582",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5582:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.5582",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5582:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.5582",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_7:6.1.7601.26266:sp1:*:*:*:*:x86:*"
          ],
          "platforms": [
            "32-bit Systems"
          ],
          "product": "Windows 7",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.1.7601.26266",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_7:6.1.7601.26266:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows 7 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.1.7601.26266",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20721:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20721:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20721:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20721",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21815:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems"
          ],
          "product": "Windows Server 2008 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.6003.21815",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21815:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21815:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.6003.21815",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21815:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008  Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.6003.21815",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26266:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 R2 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.1.7601.26266",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26266:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.1.7601.26266",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24018:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.24018",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24018:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.24018",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20721:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20721",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20721:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20721",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-12-13T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "PowerShell Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T13:58:00.093Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41076"
        }
      ],
      "title": "PowerShell Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2022-41076",
    "datePublished": "2022-12-13T00:00:00",
    "dateReserved": "2022-09-19T00:00:00",
    "dateUpdated": "2024-08-03T12:35:49.474Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-24895
Vulnerability from cvelistv5
Published
2023-06-14 14:52
Modified
2024-08-02 11:11
Summary
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
Impacted products
Vendor Product Version
Microsoft Microsoft Visual Studio 2022 version 17.0 Version: 17.0.0   < 17.0.22
    cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.2 Version: 17.2.0   < 17.2.16
    cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.8
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.3
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft PowerShell 7.2 Version: 7.2.0   < 7.2.12
    cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.5
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.8 Version: 4.8.0   < 4.8.4644.0
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8 Version: 4.8.0   < 4.8.4644.0
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.7.2 Version: 4.7.0   < 4.7.4050.0
Version: 4.7.0   < 4.8.4644.0
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 Version: 3.0.0.0   < 10.0.14393.5989
    cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 Version: 4.7.0   < 4.7.04043.0
Version: 4.7.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8.1 Version: 4.8.1   < 4.8.9166.0
    cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.6.2 Version: 4.7.0   < 4.7.04043.0
Version: 4.7.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 and 4.6.2 Version: 4.7.0   < 10.0.10240.19983
    cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 2.0 Service Pack 2 Version: 2.0.0   < 3.0.6920.8954; 2.0.50727.8970
Version: 2.0.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.0 Service Pack 2 Version: 3.0.0   < 3.0.6920.8954; 2.0.50727.8970
Version: 3.0.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 Version: 3.5.0   < 3.0.6920.8954; 2.0.50727.8970
    cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5.1 Version: 3.5.0   < 3.0.6920.8954; 2.0.50727.8970
    cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-24895",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-12T14:58:02.929435Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-12T14:58:08.964Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:11:42.252Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.7",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.0.22",
              "status": "affected",
              "version": "17.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.2.16",
              "status": "affected",
              "version": "17.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.8",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.3",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.12",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.5",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2016",
            "Windows 10 Version 1607 for 32-bit Systems",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2012 R2 (Server Core installation)",
            "Windows Server 2012",
            "Windows 10 Version 1607 for x64-based Systems",
            "Windows Server 2016 (Server Core installation)",
            "Windows Server 2012 R2"
          ],
          "product": "Microsoft .NET Framework 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.4644.0",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows Server 2019",
            "Windows Server 2022 (Server Core installation)",
            "Windows Server 2019 (Server Core installation)",
            "Windows 10 Version 1809 for x64-based Systems",
            "Windows Server 2022",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 11 version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for x64-based Systems",
            "Windows 10 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems",
            "Windows 10 Version 22H2 for ARM64-based Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.4644.0",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows 10 Version 1809 for x64-based Systems",
            "Windows 10 Version 1809 for ARM64-based Systems",
            "Windows Server 2019",
            "Windows Server 2019 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.8.4644.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1607 for 32-bit Systems",
            "Windows 10 Version 1607 for x64-based Systems",
            "Windows Server 2016",
            "Windows Server 2016 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.5989",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
            "Windows Server 2012",
            "Windows Server 2012 R2 (Server Core installation)",
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012 R2"
          ],
          "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.04043.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2022",
            "Windows Server 2022 (Server Core installation)",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 11 version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for x64-based Systems",
            "Windows 11 Version 22H2 for ARM64-based Systems",
            "Windows 11 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for ARM64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.9166.0",
              "status": "affected",
              "version": "4.8.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)",
            "Windows Server 2008 for 32-bit Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)",
            "Windows Server 2008 for x64-based Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 4.6.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.04043.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 for 32-bit Systems",
            "Windows 10 for x64-based Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 and 4.6.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19983",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 2.0 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 3.0 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2012",
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012 R2",
            "Windows Server 2012 R2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-06-13T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-19T20:21:46.335Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895"
        }
      ],
      "title": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-24895",
    "datePublished": "2023-06-14T14:52:18.749Z",
    "dateReserved": "2023-01-31T20:32:35.471Z",
    "dateUpdated": "2024-08-02T11:11:42.252Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-41089
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 12:35
Summary
.NET Framework Remote Code Execution Vulnerability
Impacted products
Vendor Product Version
Microsoft Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) Version: 16.11.0   < 16.11.22
    cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.0 Version: 17.0.0   < 17.0.17
    cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.3
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft .NET 6.0 Version: 6.0.0   < 6.0.12
    cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*
Microsoft .NET Core 3.1 Version: 3.1   < 3.1.32
    cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.1
    cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*
Microsoft PowerShell 7.2 Version: 7.2.0   < 7.2.9
    cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.2
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.8 Version: 4.8.0   < 04590.02
Version: 4.8.0   < 4590.03
Version: 4.8.0   < 04590.03
Version: 4.8.0   < 04590.04
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8 Version: 4.8.0   < 04590.02
Version: 4.8.0   < 04590.04
Version: 4.8.0   < 4590.02
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.7.2 Version: 4.7.0   < 04010.02
Version: 4.7.0   < 04590.02
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8.1 Version: 4.8.1   < 09115.01
Version: 4.8.1   < 9115.01
Version: 4.8.1   < 04590.04
    cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 2.0 Service Pack 2 Version: 2.0.0   < 30729.8953
    cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.0 Service Pack 2 Version: 3.0.0   < 30729.8953
    cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 Version: 3.5.0   < 30729.8953
    cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5.1 Version: 3.5.0   < 30729.8953
    cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 Version: 4.7.0   < 04010.02
Version: 4.7.0   < 4010.03
Version: 4.7.0   < 04590.03
Version: 4.7.0   < 04010.03
Version: 4.7.0   < 30729.8953
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.6.2 Version: 4.7.0   < 04010.02
Version: 4.7.0   < 04010.03
    cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.6/4.6.2 Version: 10.0.0   < 10.0.10240.19624
    cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:35:49.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41089"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.2.11",
              "status": "affected",
              "version": "17.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.11.22",
              "status": "affected",
              "version": "16.11.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.0.17",
              "status": "affected",
              "version": "17.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.3",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 6.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.12",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET Core 3.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.1.32",
              "status": "affected",
              "version": "3.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.1",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.9",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.2",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2012 R2",
            "Windows Server 2012 (Server Core installation)",
            "Windows 8.1 for 32-bit systems",
            "Windows Server 2016",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows 10 Version 1607 for x64-based Systems",
            "Windows Server 2012",
            "Windows Server 2016 (Server Core installation)",
            "Windows 7 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
            "Windows 7 for 32-bit Systems Service Pack 1",
            "Windows Server 2012 R2 (Server Core installation)",
            "Windows RT 8.1",
            "Windows 10 Version 1607 for 32-bit Systems",
            "Windows 8.1 for x64-based systems",
            "Windows 10 Version 22H2 for ARM64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems",
            "Windows 10 Version 22H2 for x64-based Systems"
          ],
          "product": "Microsoft .NET Framework 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "04590.02",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4590.03",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "04590.03",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "04590.04",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows 10 Version 1809 for x64-based Systems",
            "Windows 10 Version 1809 for ARM64-based Systems",
            "Windows Server 2019",
            "Windows Server 2019 (Server Core installation)",
            "Windows 10 Version 21H1 for ARM64-based Systems",
            "Windows 10 Version 21H1 for x64-based Systems",
            "Windows 10 Version 21H1 for 32-bit Systems",
            "Windows Server 2022",
            "Windows Server 2022 (Server Core installation)",
            "Windows 10 Version 20H2 for 32-bit Systems",
            "Windows 10 Version 20H2 for ARM64-based Systems",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 11 version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for x64-based Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "04590.02",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "04590.04",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4590.02",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows 10 Version 1809 for ARM64-based Systems",
            "Windows Server 2019 (Server Core installation)",
            "Windows Server 2019",
            "Windows 10 Version 1809 for x64-based Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "04010.02",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "04590.02",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2022",
            "Windows Server 2022 (Server Core installation)",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 11 version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for x64-based Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H1 for ARM64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems",
            "Windows 11 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 10 Version 21H1 for 32-bit Systems",
            "Windows 10 Version 20H2 for ARM64-based Systems",
            "Windows 11 Version 22H2 for ARM64-based Systems",
            "Windows 10 Version 21H1 for x64-based Systems",
            "Windows 10 Version 20H2 for 32-bit Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "09115.01",
              "status": "affected",
              "version": "4.8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9115.01",
              "status": "affected",
              "version": "4.8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "04590.04",
              "status": "affected",
              "version": "4.8.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 2.0 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "30729.8953",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for x64-based Systems Service Pack 2",
            "Windows Server 2008 for 32-bit Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 3.0 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "30729.8953",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 8.1 for x64-based systems",
            "Windows 8.1 for 32-bit systems",
            "Windows Server 2012 R2",
            "Windows Server 2012",
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012 R2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "30729.8953",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 7 for 32-bit Systems Service Pack 1",
            "Windows 7 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "30729.8953",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 7 for 32-bit Systems Service Pack 1",
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
            "Windows Server 2012 R2",
            "Windows Server 2012 R2 (Server Core installation)",
            "Windows 8.1 for 32-bit systems",
            "Windows 7 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows RT 8.1",
            "Windows 8.1 for x64-based systems"
          ],
          "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "04010.02",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4010.03",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "04590.03",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "04010.03",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "30729.8953",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2",
            "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)",
            "Windows Server 2008 for x64-based Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 4.6.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "04010.02",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "04010.03",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 for x64-based Systems",
            "Windows 10 for 32-bit Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.6/4.6.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19624",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-12-13T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": ".NET Framework Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T13:57:58.533Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41089"
        }
      ],
      "title": ".NET Framework Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2022-41089",
    "datePublished": "2022-12-13T00:00:00",
    "dateReserved": "2022-09-19T00:00:00",
    "dateUpdated": "2024-08-03T12:35:49.218Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-32032
Vulnerability from cvelistv5
Published
2023-06-13 23:26
Modified
2024-08-02 15:03
Summary
.NET and Visual Studio Elevation of Privilege Vulnerability
Impacted products
Vendor Product Version
Microsoft Microsoft Visual Studio 2022 version 17.2 Version: 17.2.0   < 17.2.16
    cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.0 Version: 17.0.0   < 17.0.22
    cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.8
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.3
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.5
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32032",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-22T20:01:37.888322Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-22T20:01:48.177Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:03:28.638Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": ".NET and Visual Studio Elevation of Privilege Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32032"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.7",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.2.16",
              "status": "affected",
              "version": "17.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.0.22",
              "status": "affected",
              "version": "17.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.8",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.3",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.5",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-06-13T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": ".NET and Visual Studio Elevation of Privilege Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-19T20:22:21.416Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": ".NET and Visual Studio Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32032"
        }
      ],
      "title": ".NET and Visual Studio Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-32032",
    "datePublished": "2023-06-13T23:26:21.832Z",
    "dateReserved": "2023-05-01T15:34:52.133Z",
    "dateUpdated": "2024-08-02T15:03:28.638Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-36435
Vulnerability from cvelistv5
Published
2023-10-10 17:08
Modified
2024-12-10 18:20
Summary
Microsoft QUIC Denial of Service Vulnerability
Impacted products
Vendor Product Version
Microsoft Windows Server 2022 Version: 10.0.0   < 10.0.20348.2031
Microsoft Windows 11 version 21H2 Version: 10.0.0   < 10.0.22000.2538
Microsoft Windows 11 version 22H2 Version: 10.0.0   < 10.0.22621.2428
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.13
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:45:56.959Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Microsoft QUIC Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36435"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.9",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.2031",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22000.2538",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22621.2428",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.13",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:powershell:*:-:*:*:*:*:*:*",
                  "versionEndExcluding": "7.3.9",
                  "versionStartIncluding": "7.3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.2031",
                  "versionStartIncluding": "10.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.22000.2538",
                  "versionStartIncluding": "10.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.22621.2428",
                  "versionStartIncluding": "10.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0.13",
                  "versionStartIncluding": "7.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2023-10-10T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft QUIC Denial of Service Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-10T18:20:21.994Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft QUIC Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36435"
        }
      ],
      "title": "Microsoft QUIC Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-36435",
    "datePublished": "2023-10-10T17:08:03.619Z",
    "dateReserved": "2023-06-21T15:14:27.788Z",
    "dateUpdated": "2024-12-10T18:20:21.994Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-21392
Vulnerability from cvelistv5
Published
2024-03-12 16:57
Modified
2024-08-01 22:20
Summary
.NET and Visual Studio Denial of Service Vulnerability
Impacted products
Vendor Product Version
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.12
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Microsoft PowerShell 7.4 Version: N/A
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.17
    cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*
Microsoft .NET 8.0 Version: 1.0.0   < 8.0.3
    cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.13
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.17
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.8 Version: 17.8.0   < 17.8.8
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21392",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-12T19:02:46.047938Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-12T18:27:30.599Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:20:40.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": ".NET and Visual Studio Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21392"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.9",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.9.3",
              "status": "affected",
              "version": "17.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.12",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "N/A"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.17",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 8.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "8.0.3",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.13",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.17",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.8.8",
              "status": "affected",
              "version": "17.8.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-03-12T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": ".NET and Visual Studio Denial of Service Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-11T15:09:29.487Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": ".NET and Visual Studio Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21392"
        }
      ],
      "title": ".NET and Visual Studio Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2024-21392",
    "datePublished": "2024-03-12T16:57:42.012Z",
    "dateReserved": "2023-12-08T22:45:20.454Z",
    "dateUpdated": "2024-08-01T22:20:40.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-21409
Vulnerability from cvelistv5
Published
2024-04-09 17:00
Modified
2024-10-09 01:40
Summary
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
Impacted products
Vendor Product Version
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.18
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.14
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.8 Version: 17.8.0   < 17.8.9
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.12
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Microsoft PowerShell 7.4 Version: 7.4.0   < 7.4.2
    cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*
Microsoft PowerShell 7.2 Version: 7.2.0   < 7.2.19
    cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*
Microsoft .NET 6.0 Version: 6.0.0   < 6.0.29
    cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.18
    cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*
Microsoft .NET 8.0 Version: 1.0.0   < 8.0.4
    cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.8 Version: 4.8.0   < 4.8.4718.0
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8 Version: 4.8.0   < 4.8.4718.0
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.7.2 Version: 4.7.0   < 4.7.4092.0
Version: 4.7.0   < 10.0.14393.6897
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 Version: 4.7.0   < 4.7.4092.0
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8.1 Version: 4.8.1   < 4.8.9236.0
Version: 4.8.1   < 4.8.9206.0
    cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.6.2 Version: 4.7.0   < 4.7.4092.0
    cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21409",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-25T00:14:54.668309Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:37:59.942Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:20:40.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21409"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.9",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.9.6",
              "status": "affected",
              "version": "17.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.18",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.14",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.8.9",
              "status": "affected",
              "version": "17.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.12",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.4.2",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.19",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 6.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.29",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.18",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 8.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "8.0.4",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
            "Windows Server 2012",
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012 R2",
            "Windows Server 2012 R2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.4718.0",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows 10 Version 1809 for x64-based Systems",
            "Windows Server 2019",
            "Windows Server 2019 (Server Core installation)",
            "Windows Server 2022",
            "Windows Server 2022 (Server Core installation)",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 11 version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for x64-based Systems",
            "Windows 10 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for ARM64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems",
            "Windows 10 Version 1607 for 32-bit Systems",
            "Windows 10 Version 1607 for x64-based Systems",
            "Windows Server 2016",
            "Windows Server 2016 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.4718.0",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows 10 Version 1809 for x64-based Systems",
            "Windows 10 Version 1809 for ARM64-based Systems",
            "Windows Server 2019",
            "Windows Server 2019 (Server Core installation)",
            "Windows 10 Version 1607 for 32-bit Systems",
            "Windows 10 Version 1607 for x64-based Systems",
            "Windows Server 2016",
            "Windows Server 2016 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.4092.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "10.0.14393.6897",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
            "Windows Server 2012",
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012 R2",
            "Windows Server 2012 R2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.4092.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2022",
            "Windows Server 2022 (Server Core installation)",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 11 version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for x64-based Systems",
            "Windows 11 Version 22H2 for ARM64-based Systems",
            "Windows 11 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for ARM64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems",
            "Windows 11 Version 23H2 for ARM64-based Systems",
            "Windows 11 Version 23H2 for x64-based Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.9236.0",
              "status": "affected",
              "version": "4.8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "4.8.9206.0",
              "status": "affected",
              "version": "4.8.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2",
            "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)",
            "Windows Server 2008 for x64-based Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 4.6.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.4092.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-04-09T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-09T01:40:43.466Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21409"
        }
      ],
      "title": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2024-21409",
    "datePublished": "2024-04-09T17:00:08.248Z",
    "dateReserved": "2023-12-08T22:45:21.299Z",
    "dateUpdated": "2024-10-09T01:40:43.466Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-24936
Vulnerability from cvelistv5
Published
2023-06-14 14:52
Modified
2024-08-02 11:11
Summary
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
Impacted products
Vendor Product Version
Microsoft Microsoft Visual Studio 2022 version 17.0 Version: 17.0.0   < 17.0.22
    cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.8
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft .NET 6.0 Version: 6.0.0   < 6.0.18
    cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.7
    cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.3
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft PowerShell 7.2 Version: 7.2.0   < 7.2.12
    cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.5
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.8 Version: 4.8.0   < 4.8.4644.0
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8 Version: 4.8.0   < 4.8.4644.0
Version: 4.8.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.7.2 Version: 4.7.0   < 4.7.4050.0
Version: 4.7.0   < 4.8.4644.0
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 Version: 3.0.0.0   < 10.0.14393.5989
    cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 Version: 4.7.0   < 4.7.04043.0
Version: 4.7.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8.1 Version: 4.8.1   < 4.8.9166.0
    cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.6.2 Version: 4.7.0   < 4.7.04043.0
Version: 4.7.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 and 4.6.2 Version: 4.7.0   < 10.0.10240.19983
    cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 2.0 Service Pack 2 Version: 2.0.0   < 3.0.6920.8954; 2.0.50727.8970
Version: 2.0.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.0 Service Pack 2 Version: 3.0.0   < 3.0.6920.8954; 2.0.50727.8970
Version: 3.0.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5.1 Version: 3.5.0   < 3.0.6920.8954; 2.0.50727.8970
    cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 Version: 3.5.0   < 3.0.6920.8954; 2.0.50727.8970
    cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-24936",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T14:48:19.526051Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:21:22.183Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:11:43.705Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.2.16",
              "status": "affected",
              "version": "17.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.0.22",
              "status": "affected",
              "version": "17.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.8",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 6.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.18",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.7",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.3",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.12",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.5",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2016 (Server Core installation)",
            "Windows Server 2012 R2 (Server Core installation)",
            "Windows 10 Version 1607 for 32-bit Systems",
            "Windows 10 Version 1607 for x64-based Systems",
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
            "Windows Server 2012",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2012 R2",
            "Windows Server 2016"
          ],
          "product": "Microsoft .NET Framework 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.4644.0",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows 10 Version 1809 for x64-based Systems",
            "Windows Server 2022 (Server Core installation)",
            "Windows Server 2022",
            "Windows Server 2019",
            "Windows 10 Version 1809 for ARM64-based Systems",
            "Windows Server 2019 (Server Core installation)",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 10 Version 22H2 for x64-based Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for x64-based Systems",
            "Windows 10 Version 22H2 for ARM64-based Systems",
            "Windows 11 version 21H2 for ARM64-based Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.4644.0",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows Server 2019",
            "Windows 10 Version 1809 for ARM64-based Systems",
            "Windows 10 Version 1809 for x64-based Systems",
            "Windows Server 2019 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.8.4644.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2016",
            "Windows Server 2016 (Server Core installation)",
            "Windows 10 Version 1607 for 32-bit Systems",
            "Windows 10 Version 1607 for x64-based Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.5989",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2012 R2",
            "Windows Server 2012",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012 R2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.04043.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2022 (Server Core installation)",
            "Windows Server 2022",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 11 version 21H2 for ARM64-based Systems",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems",
            "Windows 11 Version 22H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 10 Version 21H2 for x64-based Systems",
            "Windows 10 Version 22H2 for x64-based Systems",
            "Windows 11 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for ARM64-based Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.9166.0",
              "status": "affected",
              "version": "4.8.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)",
            "Windows Server 2008 for x64-based Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)",
            "Windows Server 2008 for 32-bit Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 4.6.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.04043.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 for 32-bit Systems",
            "Windows 10 for x64-based Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 and 4.6.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19983",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 2.0 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for x64-based Systems Service Pack 2",
            "Windows Server 2008 for 32-bit Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 3.0 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012",
            "Windows Server 2012 R2 (Server Core installation)",
            "Windows Server 2012 R2"
          ],
          "product": "Microsoft .NET Framework 3.5",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-06-13T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of Privilege",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-19T20:21:46.957Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936"
        }
      ],
      "title": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-24936",
    "datePublished": "2023-06-14T14:52:19.301Z",
    "dateReserved": "2023-01-31T20:37:47.257Z",
    "dateUpdated": "2024-08-02T11:11:43.705Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-28260
Vulnerability from cvelistv5
Published
2023-04-11 19:13
Modified
2024-08-02 12:30
Summary
.NET DLL Hijacking Remote Code Execution Vulnerability
Impacted products
Vendor Product Version
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.5
    cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.5 Version: 17.5.0   < 17.5.4
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.7
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.2 Version: 17.2.0   < 17.2.15
    cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.0 Version: 17.0.0   < 17.0.21
    cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.4
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Microsoft PowerShell 7.2 Version: 7.2.0   < 7.2.11
    cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:30:24.683Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": ".NET DLL Hijacking Remote Code Execution Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28260"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 6.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.16",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.5",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.5",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.5.4",
              "status": "affected",
              "version": "17.5.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.7",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.2.15",
              "status": "affected",
              "version": "17.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.0.21",
              "status": "affected",
              "version": "17.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.4",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.11",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-04-11T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": ".NET DLL Hijacking Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T01:56:35.458Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": ".NET DLL Hijacking Remote Code Execution Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28260"
        }
      ],
      "title": ".NET DLL Hijacking Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-28260",
    "datePublished": "2023-04-11T19:13:56.662Z",
    "dateReserved": "2023-03-13T22:18:32.391Z",
    "dateUpdated": "2024-08-02T12:30:24.683Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-36799
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2024-08-02 17:01
Summary
.NET Core and Visual Studio Denial of Service Vulnerability
Impacted products
Vendor Product Version
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.13
    cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.2 Version: 17.2.0   < 17.2.21
    cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.13
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.7 Version: 17.7.0   < 17.6.9
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.9
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft PowerShell 7.2 Version: 7.2.0   < 7.2.14
    cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.2.14
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-36799",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T16:23:47.132893Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:25:46.976Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:01:09.676Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": ".NET Core and Visual Studio Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 6.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.24",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.13",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.2.21",
              "status": "affected",
              "version": "17.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.13",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.7",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.9",
              "status": "affected",
              "version": "17.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.9",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.14",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.14",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-09-12T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": ".NET Core and Visual Studio Denial of Service Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T02:41:10.655Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": ".NET Core and Visual Studio Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799"
        }
      ],
      "title": ".NET Core and Visual Studio Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-36799",
    "datePublished": "2023-09-12T16:58:38.681Z",
    "dateReserved": "2023-06-27T15:11:59.874Z",
    "dateUpdated": "2024-08-02T17:01:09.676Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-36013
Vulnerability from cvelistv5
Published
2023-11-20 16:02
Modified
2024-08-02 16:37
Summary
PowerShell Information Disclosure Vulnerability
Impacted products
Vendor Product Version
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.10
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Microsoft PowerShell 7.4 Version: 7.4.0   < 7.4.0
    cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:37:41.179Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "PowerShell Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36013"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.17",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.10",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.4.0",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-11-17T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "PowerShell Information Disclosure Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798: Use of Hard-coded Credentials",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T01:21:32.265Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "PowerShell Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36013"
        }
      ],
      "title": "PowerShell Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-36013",
    "datePublished": "2023-11-20T16:02:37.051Z",
    "dateReserved": "2023-06-20T20:44:39.822Z",
    "dateUpdated": "2024-08-02T16:37:41.179Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-29331
Vulnerability from cvelistv5
Published
2023-06-14 14:52
Modified
2024-08-02 14:07
Summary
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
Impacted products
Vendor Product Version
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.7
    cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.0 Version: 17.0.0   < 17.0.22
    cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.2 Version: 17.2.0   < 17.2.16
    cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.8
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.3
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft PowerShell 7.2 Version: 7.2.0   < 7.2.12
    cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.5
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.8 Version: 4.8.0   < 4.8.4644.0
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8 Version: 4.8.0   < 4.8.4644.0
    cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.7.2 Version: 4.7.0   < 4.7.4050.0
Version: 4.7.0   < 4.8.4644.0
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 Version: 3.0.0.0   < 10.0.14393.5989
    cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 Version: 4.7.0   < 4.7.04043.0
Version: 4.7.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 AND 4.8.1 Version: 4.8.1   < 4.8.9166.0
    cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 4.6.2 Version: 4.7.0   < 4.7.04043.0
Version: 4.7.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 and 4.6.2 Version: 4.7.0   < 10.0.10240.19983
    cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 2.0 Service Pack 2 Version: 2.0.0   < 3.0.6920.8954; 2.0.50727.8970
Version: 2.0.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.0 Service Pack 2 Version: 3.0.0   < 3.0.6920.8954; 2.0.50727.8970
Version: 3.0.0   < 4.7.4050.0
    cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5 Version: 3.5.0   < 3.0.6920.8954; 2.0.50727.8970
    cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*
Microsoft Microsoft .NET Framework 3.5.1 Version: 3.5.0   < 3.0.6920.8954; 2.0.50727.8970
    cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:07:45.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 6.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.0.18",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.7",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.0.22",
              "status": "affected",
              "version": "17.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.2.16",
              "status": "affected",
              "version": "17.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.8",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.3",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.2.12",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.5",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2012",
            "Windows Server 2016",
            "Windows Server 2012 (Server Core installation)",
            "Windows 10 Version 1607 for 32-bit Systems",
            "Windows Server 2016 (Server Core installation)",
            "Windows Server 2012 R2 (Server Core installation)",
            "Windows 10 Version 1607 for x64-based Systems",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2012 R2",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.4644.0",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2022",
            "Windows Server 2019",
            "Windows Server 2019 (Server Core installation)",
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows 10 Version 1809 for x64-based Systems",
            "Windows Server 2022 (Server Core installation)",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 11 version 21H2 for ARM64-based Systems",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 10 Version 22H2 for x64-based Systems",
            "Windows 10 Version 21H2 for x64-based Systems",
            "Windows 10 Version 22H2 for ARM64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.4644.0",
              "status": "affected",
              "version": "4.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1809 for 32-bit Systems",
            "Windows 10 Version 1809 for x64-based Systems",
            "Windows 10 Version 1809 for ARM64-based Systems",
            "Windows Server 2019",
            "Windows Server 2019 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.8.4644.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 Version 1607 for 32-bit Systems",
            "Windows 10 Version 1607 for x64-based Systems",
            "Windows Server 2016",
            "Windows Server 2016 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.5989",
              "status": "affected",
              "version": "3.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012",
            "Windows Server 2012 R2",
            "Windows Server 2012 R2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.04043.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2022",
            "Windows Server 2022 (Server Core installation)",
            "Windows 11 version 21H2 for ARM64-based Systems",
            "Windows 11 version 21H2 for x64-based Systems",
            "Windows 10 Version 21H2 for 32-bit Systems",
            "Windows 10 Version 21H2 for x64-based Systems",
            "Windows 10 Version 21H2 for ARM64-based Systems",
            "Windows 11 Version 22H2 for ARM64-based Systems",
            "Windows 11 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for x64-based Systems",
            "Windows 10 Version 22H2 for ARM64-based Systems",
            "Windows 10 Version 22H2 for 32-bit Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 AND 4.8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.8.9166.0",
              "status": "affected",
              "version": "4.8.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2",
            "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)",
            "Windows Server 2008 for x64-based Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 4.6.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "4.7.04043.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows 10 for 32-bit Systems",
            "Windows 10 for x64-based Systems"
          ],
          "product": "Microsoft .NET Framework 3.5 and 4.6.2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19983",
              "status": "affected",
              "version": "4.7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for x64-based Systems Service Pack 2",
            "Windows Server 2008 for 32-bit Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 2.0 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 for 32-bit Systems Service Pack 2",
            "Windows Server 2008 for x64-based Systems Service Pack 2"
          ],
          "product": "Microsoft .NET Framework 3.0 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.7.4050.0",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2012 (Server Core installation)",
            "Windows Server 2012 R2",
            "Windows Server 2012",
            "Windows Server 2012 R2 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1",
            "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
          ],
          "product": "Microsoft .NET Framework 3.5.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "3.0.6920.8954; 2.0.50727.8970",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-06-13T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-19T20:21:59.804Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331"
        }
      ],
      "title": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-29331",
    "datePublished": "2023-06-14T14:52:19.830Z",
    "dateReserved": "2023-04-04T22:34:18.378Z",
    "dateUpdated": "2024-08-02T14:07:45.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-26190
Vulnerability from cvelistv5
Published
2024-03-12 16:57
Modified
2024-08-01 23:59
Summary
Microsoft QUIC Denial of Service Vulnerability
Impacted products
Vendor Product Version
Microsoft Windows Server 2022 Version: 10.0.0   < 10.0.20348.2340
Version: 10.0.0   < 10.0.20348.2333
    cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2340:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2333:*:*:*:*:*:*:*
Microsoft Windows 11 version 21H2 Version: 10.0.0   < 10.0.22000.2836
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2836:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2836:*:*:*:*:*:arm64:*
Microsoft Windows 11 version 22H2 Version: 10.0.0   < 10.0.22621.3296
    cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.3296:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.3296:*:*:*:*:*:x64:*
Microsoft Windows 11 version 22H3 Version: 10.0.0   < 10.0.22631.3296
    cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3296:*:*:*:*:*:arm64:*
Microsoft Windows 11 Version 23H2 Version: 10.0.0   < 10.0.22631.3296
    cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3296:*:*:*:*:*:x64:*
Microsoft Windows Server 2022, 23H2 Edition (Server Core installation) Version: 10.0.0   < 10.0.25398.763
    cpe:2.3:o:microsoft:windows_server_23h2:10.0.25398.763:*:*:*:*:*:*:*
Microsoft PowerShell 7.3 Version: 7.3.0   < 7.3.12
    cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*
Microsoft PowerShell 7.4 Version: 7.4.0   < 7.4.2
    cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.4 Version: 17.4.0   < 17.4.17
    cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.6 Version: 17.6.0   < 17.6.13
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft Microsoft Visual Studio 2022 version 17.8 Version: 17.8.0   < 17.8.8
    cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*
Microsoft .NET 7.0 Version: 7.0.0   < 7.0.17
    cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*
Microsoft .NET 8.0 Version: 1.0.0   < 8.0.3
    cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26190",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-12T18:40:23.257976Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-12T18:20:58.065Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:59:32.659Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Microsoft QUIC Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.9",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.9.3",
              "status": "affected",
              "version": "17.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2340:*:*:*:*:*:*:*",
            "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2333:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.2340",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "10.0.20348.2333",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2836:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2836:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22000.2836",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.3296:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.3296:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 11 version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22621.3296",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3296:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 22H3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.3296",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3296:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows 11 Version 23H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22631.3296",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_23h2:10.0.25398.763:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.25398.763",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.3",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.3.12",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "PowerShell 7.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.4.2",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.4",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.4.17",
              "status": "affected",
              "version": "17.4.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.6",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.6.13",
              "status": "affected",
              "version": "17.6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Visual Studio 2022 version 17.8",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "17.8.8",
              "status": "affected",
              "version": "17.8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 7.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "7.0.17",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": ".NET 8.0",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "8.0.3",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-03-12T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft QUIC Denial of Service Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-11T15:09:45.928Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft QUIC Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190"
        }
      ],
      "title": "Microsoft QUIC Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2024-26190",
    "datePublished": "2024-03-12T16:57:52.923Z",
    "dateReserved": "2024-02-14T22:23:54.099Z",
    "dateUpdated": "2024-08-01T23:59:32.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}