THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2023-36434

Windows IIS Server Elevation of Privilege Vulnerability

Assignermicrosoft
Reserved2023-06-21
Published2023-10-10
Updated2024-07-09

Description

Windows IIS Server Elevation of Privilege Vulnerability



CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-307: Improper Restriction of Excessive Authentication Attempts

Product status

10.0.0 before 10.0.19045.3570
affected

10.0.0 before 10.0.22621.2428
affected

10.0.0 before 10.0.22000.2538
affected

10.0.0 before 10.0.19041.3570
affected

10.0.0 before 10.0.20348.2031
affected

10.0.0 before 10.0.17763.4974
affected

10.0.0 before 10.0.17763.4974
affected

10.0.0 before 10.0.14393.6351
affected

6.0.0 before 6.0.6003.22317
affected

6.0.0 before 6.0.6003.22317
affected

6.2.0 before 6.2.9200.24523
affected

6.0.0 before 6.1.7601.26769
affected

6.3.0 before 6.3.9600.21620
affected

10.0.0 before 10.0.14393.6351
affected

6.0.0 before 6.0.6003.22317
affected

10.0.0 before 10.0.14393.6351
affected

10.0.0 before 10.0.10240.20232
affected

10.0.0 before 10.0.17763.4974
affected

6.1.0 before 6.1.7601.26769
affected

6.2.0 before 6.2.9200.24523
affected

6.3.0 before 6.3.9600.21620
affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36434 (Windows IIS Server Elevation of Privilege Vulnerability) vendor-advisory

cve.org CVE-2023-36434

nvd.nist.gov CVE-2023-36434

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-36434
© Copyright 2024 THREATINT. Made in Cyprus with +