PT-2023-3298 · Microsoft+7 · Net+9

Kevin Jones

Published

2023-06-13

Updated

2024-12-13

CVE-2023-29331

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions .NET, .NET Framework, and Visual Studio (affected versions not specified)

Description The issue is related to insufficient input validation, which can be exploited to cause a denial of service. This allows an attacker to affect the system. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Resource Exhaustion

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-20

Related Identifiers

ALSA-2023:3581

ALSA-2023:3582

ALSA-2023:3592

ALSA-2023:3593

ALT-PU-2023-4590

ALT-PU-2023-4591

ALT-PU-2023-4592

ALT-PU-2023-4593

ALT-PU-2023-4594

ALT-PU-2023-4595

ALT-PU-2023-4610

ALT-PU-2023-4611

ALT-PU-2024-16792

ALT-PU-2024-16794

ALT-PU-2024-16796

ALT-PU-2024-16939

BDU:2023-03439

BIT-DOTNET-2023-29331

BIT-DOTNET-SDK-2023-29331

CESA-2023_3582

CESA-2023_3593

CVE-2023-29331

GHSA-555C-2P6R-68MM

RHSA-2023:3580

RHSA-2023:3581

RHSA-2023:3582

RHSA-2023:3592

RHSA-2023:3593

RHSA-2023:4448

RHSA-2023:4449

RHSA-2023_3581

RHSA-2023_3582

RHSA-2023_3592

RHSA-2023_3593

RLSA-2023:3582

RLSA-2023:3593

USN-6161-1

USN-6161-2

Affected Products

.Net Framework

Alt Linux

Almalinux

Centos

Linuxmint

Net

Red Hat

Rocky Linux

Ubuntu

Visual Studio

PT-2023-3298 · Microsoft+7 · Net+9

CVE-2023-29331

Weakness Enumeration

Related Identifiers

Affected Products

References · 67