CVE-2023-33170

HIGH

Microsoft .NET 6.0.0 through 6.0.20 - Security Feature Bypass

Title source: llm
STIX 2.1

Description

ASP.NET and Visual Studio Security Feature Bypass Vulnerability

Scores

CVSS v3 8.1
EPSS 0.0209
EPSS Percentile 79.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-362
Status published
Products (24)
fedoraproject/fedora 37
fedoraproject/fedora 38
microsoft/.net 6.0.0 - 6.0.20
Microsoft/.NET 6.0 6.0.0 - 6.0.20
Microsoft/.NET 7.0 7.0.0 - 7.0.9
Microsoft/Microsoft Visual Studio 2022 version 17.0 17.0.0 - 17.0.23
Microsoft/Microsoft Visual Studio 2022 version 17.2 17.2.0 - 17.2.17
Microsoft/Microsoft Visual Studio 2022 version 17.4 17.4.0 - 17.4.9
Microsoft/Microsoft Visual Studio 2022 version 17.6 17.6.0 - 17.6.5
microsoft/visual_studio_2022 17.0 - 17.0.23
... and 14 more
Published Jul 11, 2023
Tracked Since Feb 18, 2026