CVE-2023-36906 | THREATINT

Assigner	microsoft
Reserved	2023-06-27
Published	2023-08-08
Updated	2024-08-02

Description

Windows Cryptographic Services Information Disclosure Vulnerability

MEDIUM: 5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

Problem types

CWE-170: Improper Null Termination

Product status

10.0.0 before 10.0.17763.4737

affected

10.0.0 before 10.0.17763.4737

affected

10.0.0 before 10.0.17763.4737

affected

10.0.0 before 10.0.20348.1906

affected

10.0.0 before 10.0.20348.1903

affected

10.0.0 before 10.0.22000.2295

affected

10.0.0 before 10.0.19044.3324

affected

10.0.0 before 10.0.22621.2134

affected

10.0.0 before 10.0.19045.3324

affected

10.0.0 before 10.0.10240.20107

affected

10.0.0 before 10.0.14393.6167

affected

10.0.0 before 10.0.14393.6167

affected

10.0.0 before 10.0.14393.6167

affected

6.0.0 before 6.0.6003.22216

affected

6.0.0 before 6.0.6003.22216

affected

6.0.0 before 6.0.6003.22216

affected

6.1.0 before 6.1.7601.26664

affected

6.0.0 before 6.1.7601.26664

affected

6.2.0 before 6.2.9200.24414

affected

6.2.0 before 6.2.9200.24414

affected

6.3.0 before 6.3.9600.21503

affected

6.3.0 before 6.3.9600.21503

affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36906 (Windows Cryptographic Services Information Disclosure Vulnerability) vendor-advisory

cve.org CVE-2023-36906

nvd.nist.gov CVE-2023-36906

Download JSON