7.5
CVE-2023-38180
- EPSS 0.19%
- Published 08.08.2023 19:15:10
- Last modified 10.03.2025 20:30:38
- Source secure@microsoft.com
- Teams watchlist Login
- Open Login
.NET and Visual Studio Denial of Service Vulnerability
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Asp.Net Core Version >= 2.1 < 2.1.40
Microsoft ≫ Visual Studio 2022 Version >= 17.2.0 < 17.2.18
Microsoft ≫ Visual Studio 2022 Version >= 17.4.0 < 17.4.10
Microsoft ≫ Visual Studio 2022 Version >= 17.6.0 < 17.6.6
Fedoraproject ≫ Fedora Version37
Fedoraproject ≫ Fedora Version38
09.08.2023: CISA Known Exploited Vulnerabilities (KEV) Catalog
Microsoft .NET Core and Visual Studio Denial-of-Service Vulnerability
VulnerabilityMicrosoft .NET Core and Visual Studio contain an unspecified vulnerability that allows for denial-of-service (DoS).
DescriptionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Required actions| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.415 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| secure@microsoft.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.