PT-2023-7217 · Microsoft+7 · Asp.Net Core+7

Published

2023-11-14

·

Updated

2025-01-01

·

CVE-2023-36558

CVSS v3.1

6.2

Medium

VectorAV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions ASP.NET Core (affected versions not specified)
Description The issue is related to errors in security settings of the ASP.NET Core platform, allowing an attacker to disclose protected information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-254CWE-285

Related Identifiers

ALSA-2023:7253
ALSA-2023:7254
ALSA-2023:7255
ALSA-2023:7256
ALSA-2023:7257
ALSA-2023:7258
ALT-PU-2024-1066
ALT-PU-2024-1067
ALT-PU-2024-1068
ALT-PU-2024-1069
ALT-PU-2024-16792
ALT-PU-2024-16794
ALT-PU-2024-16796
ALT-PU-2024-16939
ALT-PU-2024-2554
ALT-PU-2024-2556
ALT-PU-2024-2557
ALT-PU-2024-2761
ALT-PU-2024-2763
ALT-PU-2024-2765
ALT-PU-2024-2767
BDU:2023-08245
BIT-ASPNET-CORE-2023-36558
BIT-DOTNET-2023-36558
BIT-DOTNET-SDK-2023-36558
CESA-2023_7254
CESA-2023_7256
CESA-2023_7258
CVE-2023-36558
GHSA-3FX3-85R4-8J3W
RHSA-2023:7253
RHSA-2023:7254
RHSA-2023:7255
RHSA-2023:7256
RHSA-2023:7257
RHSA-2023:7258
RHSA-2023:7259
RHSA-2023_7253
RHSA-2023_7254
RHSA-2023_7255
RHSA-2023_7256
RHSA-2023_7257
RHSA-2023_7258
RLSA-2023:7256
RLSA-2023:7258
USN-6480-1

Affected Products

Alt Linux
Asp.Net Core
Almalinux
Centos
Linuxmint
Red Hat
Red Os
Ubuntu