CVE-2023-36560 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
microsoft	CNA	8.8 HIGH				CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 88%

Affected Products (NVD)

Vendor	Product	Version
microsoft	.net_framework	2.0:sp2
microsoft	.net_framework	3.0:sp2
microsoft	.net_framework	3.5
microsoft	.net_framework	3.5
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.7.2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.8
microsoft	.net_framework	3.5
microsoft	.net_framework	4.8.1
microsoft	.net_framework	3.5.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.8

𝑥

= Vulnerable software versions

Windows Releases

Platform

Version

Windows 10

(x64, x86)	KB5032199
1607 (x64, x86)	KB5031989
1607 (x64, x86)	KB5032197
1809 (arm64, x64, x64, x86, x86)	KB5032337
21H2 (arm64, arm64, x64, x64, x86, x86)	KB5032338
22H2 (arm64, arm64, x64, x64, x86, x86)	KB5032339

Windows 11

21H2 (arm64, arm64, x64, x64)	KB5032340
22H2 (arm64, x64)	KB5032007
23H2 (arm64, x64)	KB5032007

Windows Server 2008

Service Pack 2 (x64, x64, x86, x86)	KB5032344
Service Pack 2 Server Core (x64, x86)	KB5032344

Windows Server 2008 R2

Service Pack 1 (x64, x64, x64)	KB5032341
Service Pack 1 Server Core (x64, x64, x64)	KB5032341

Windows Server 2012

Server Core	KB5032342
Standard	KB5032342

Windows Server 2012 R2

Server Core	KB5032343
Standard	KB5032343

Windows Server 2016

Server Core	KB5031989
Server Core	KB5032197
Standard	KB5031989
Standard	KB5032197

Windows Server 2019

Server Core	KB5032337
Standard	KB5032337

Windows Server 2022

23H2 Server Core	KB5032004
Server Core	KB5032336
Standard	KB5032336

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36560

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36560