CVE-2023-36558
ASP.NET Core Security Feature Bypass Vulnerability
No sign of exploitation. No public exploitation artifact known so far.
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.2EPSS 1.1%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
14 Nov 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
ASP.NET Core Security Feature Bypass Vulnerability
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Affected products
Microsoft · ASP.NET Core 6.0Microsoft · ASP.NET Core 7.0Microsoft · ASP.NET Core 8.0Microsoft · Microsoft Visual Studio 2022 version 17.2Microsoft · Microsoft Visual Studio 2022 version 17.4Microsoft · Microsoft Visual Studio 2022 version 17.6Microsoft · Microsoft Visual Studio 2022 version 17.7Microsoft · .NET 6.0Microsoft · .NET 7.0Microsoft · .NET 8.0