V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsDocs
Back to catalog
CVE-2023-38180
MSR
High KEVConfirmedExploit available

.NET and Visual Studio Denial of Service Vulnerability

CVSS
7.5
High
EPSS
0.01
p75
Published
2023-01-01
Updated
2023-08-09
Description

.NET and Visual Studio Denial of Service Vulnerability

Tags · CWE
KEVPre-auth
CWE-400
CAPEC-147
CAPEC-227
CAPEC-492
Affected products
.net 6.0.0–6.0.21.net 7.0.0–7.0.10Asp.net_core 2.1–2.1.40Visual_studio_2022 17.2.0–17.2.18Visual_studio_2022 17.4.0–17.4.10Visual_studio_2022 17.6.0–17.6.6
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Timeline
2023-01-01
Published
2023-08-09
Added to KEV
2023-08-09
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: N
None (N)
Integrity Impact
I: N
None (N)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.009 · p75
Known exploited (KEV)
Yes
MITRE ATT&CK
Inferred via CAPEC
└ via CAPEC-227 · CWE-400
Known exploits — Сканер-ВС
CVE-2023-38180
cisa · https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Enterprise
Affected software
ProductVendorStatus
dotnet6Exploited
dotnet6Exploited
dotnet6.0Exploited
dotnet6.0Exploited
dotnet6.0Exploited
dotnet6.0Exploited
dotnet7Exploited
dotnet7Exploited
dotnet7.0Exploited
dotnet7.0Exploited
rh-dotnet60-dotnetExploited
.net*Exploited
asp.net_core*Exploited
fedora*Exploited
visual_studio_2022*Exploited
WindowsMicrosoftExploited
WindowsMicrosoftExploited
WindowsMicrosoftExploited
WindowsMicrosoftExploited
Source databases
MSR
CVE
RED
UBU
Related vulnerabilities
BDU:2023-04540