Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2023-36899: ASP.NET Elevation of Privilege Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft CVE-2023-36899: ASP.NET Elevation of Privilege Vulnerability

Severity
9
CVSS
(AV:N/AC:M/Au:S/C:C/I:C/A:C)
Published
08/08/2023
Created
08/09/2023
Added
08/08/2023
Modified
08/14/2023

Description

Microsoft CVE-2023-36899: ASP.NET Elevation of Privilege Vulnerability

Solution(s)

  • msft-kb5028946-18e58226-43b5-41f6-b350-46abb7b31134
  • msft-kb5028946-40e6cb8f-6011-4aec-b3e5-c50d0fbbc86d
  • msft-kb5028946-4e1d3946-95cc-4381-90ba-c1c4334c6ccb
  • msft-kb5028946-4e3b44d4-2bad-433e-8b53-d1cc1f12bc33
  • msft-kb5028947-3e54fa42-68c6-4813-9042-617de98452a9
  • msft-kb5028948-8ba66362-c09a-4b00-b1a8-5c52b578609e
  • msft-kb5028950-ed45fa54-5b3a-4b6d-bcc1-6d97349108cd
  • msft-kb5028951-0bf4eb3a-9f64-4fc2-9aa3-786ff1256e5a
  • msft-kb5028951-5913287e-afa5-4e15-b22b-dcddc448d478
  • msft-kb5028951-99d1f09d-664d-474f-9dba-f908d9d01eb5
  • msft-kb5028951-a3065dea-6aff-4e68-9f31-b86890fd0b38
  • msft-kb5028952-17c4cc14-68d0-46b0-acc6-fc72f939e909
  • msft-kb5028952-4a9aec0a-9162-4811-9f20-78221c361359
  • msft-kb5028952-d219294e-821e-43ba-9aca-cda4f55b5521
  • msft-kb5028953-412187cb-60d5-4f32-9d33-330746f3e23e
  • msft-kb5028953-82137664-43d2-43c6-ae99-f25704571822
  • msft-kb5028953-e4658d24-0dd2-4af9-b3ac-c884c03d7c9a
  • msft-kb5028954-5bf06e02-643b-4e83-9c0a-f6e4b8ed42e1
  • msft-kb5028956-17b69b20-69d0-4167-be81-92b78140dcd9
  • msft-kb5028956-23bb7d46-535b-4698-bf54-8b3a5f058185
  • msft-kb5028960-2ddbf601-ff40-498d-b124-4755f1754b6b
  • msft-kb5028960-a39b0800-d705-4a0d-9ca9-19fa7a7c4ec0
  • msft-kb5028960-f6f17548-e4ba-4ee9-8fbf-65dffb1a1cea
  • msft-kb5028973-78bc6919-33a7-4bf7-9e86-cc9ca1bd1a93
  • msft-kb5028974-24e5bb17-1a09-4b99-9435-1d23f366f343
  • msft-kb5028975-6933ec10-c83f-4c36-a7aa-e08bf0f95e2f
  • msft-kb5028976-b32bef26-3dba-42d4-981b-97931560c676
  • msft-kb5028977-46851dc4-bb64-47b2-ba67-46910d138076
  • msft-kb5028978-2abc8277-c855-4d16-ba67-af58841effbb
  • msft-kb5028978-9dac7b0e-e569-44a4-9bd7-a8c2af3d6e56
  • msft-kb5028978-d510e9b1-7c80-455f-9c33-5312830ed221
  • msft-kb5028980-6088687f-eba9-4e76-a98d-ca328a9bccd0
  • msft-kb5028980-a26ab468-53fe-4b0e-997b-ec2dc406221b

References

  • https://attackerkb.com/topics/cve-2023-36899
  • CVE - 2023-36899
  • 5028946
  • 5028947
  • 5028948
  • 5028950
  • 5028951
  • 5028952
  • 5028953
  • 5028954
  • 5028955
  • 5028956
  • 5028957
  • 5028958
  • 5028960
  • 5028961
  • 5028962
  • 5028963
  • 5028968
  • 5028973
  • 5028974
  • 5028975
  • 5028976
  • 5028977
  • 5028978
  • 5028980
  • 5029566
  • 5029567
  • 5029568
  • 5029569
  • 5029647
  • 5029648
  • 5029649
  • 5029650
  • 5029651
  • 5029652
  • 5029653
  • 5029654
  • 5029655
View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;