Scribd Logo
Upload

Welcome to Scribd!

  • NVD - Cve-2023-36802

    Uploaded by

    You
    4 views3 pages
    Bugs

    Original Title

    NVD - CVE-2023-36802

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Bugs

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    4 views3 pages

    NVD - Cve-2023-36802

    Uploaded by

    You
    Bugs

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    An official website of the United States government Here's how you know

    NVD

    VULNERABILITIES

    CVE-2023-36802 Detail
    AWAITING ANALYSIS

    This vulnerability is currently awaiting analysis.

    Description
    Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability

    Severity CVSS Version 3.x CVSS Version 2.0

    CVSS 3.x Severity and Metrics:

    CNA: Microsoft Corporation


    Base Score: 7.8 HIGH

    Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

    NVD Analysts use publicly available information to associate vector strings and CVSS scores. We also
    display any CVSS information provided within the CVE List from the CNA.

    Note: The CNA providing a score has achieved an Acceptance Level of Provider. The NVD will only
    audit a subset of scores provided by this CNA.

    References to Advisories, Solutions, and Tools


    By selecting these links, you will be leaving NIST webspace. We have provided these links to other
    web sites because they may have information that would be of interest to you. No inferences should
    be drawn on account of other sites being referenced, or not, from this page. There may be other web
    sites that are more appropriate for your purpose. NIST does not necessarily endorse the views
    expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any
    commercial products that may be mentioned on these sites. Please address comments about this
    page to nvd@nist.gov.

    Hyperlink Resource
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36802
    This CVE is in CISA's Known Exploited Vulnerabilities
    Catalog
    Reference CISA's BOD 22-01 and Known Exploited Vulnerabilities Catalog for further guidance and
    requirements.

    Vulnerability Name Date Added Due Date Required Action


    Microsoft Streaming Service Proxy 09/12/2023 10/03/2023 Apply mitigations per vendor
    Privilege Escalation Vulnerability instructions or discontinue use of
    the product if mitigations are
    unavailable.

    Weakness Enumeration
    CWE-ID CWE Name Source

    Change History
    0 change records found show changes

    QUICK INFO      
    CVE Dictionary Entry:
    CVE-2023-36802
    NVD Published Date:
    09/12/2023
    NVD Last Modified:
    HEADQUARTERS
    10009/12/2023
    Bureau Drive
    Gaithersburg, MD 20899
    Source:
    (301) 975-2000
    Microsoft Corporation
    Webmaster | Contact Us | Our Other Offices
    Incident Response Assistance and Non-NVD Related
    Technical Cyber Security Questions:
    US-CERT Security Operations Center
    Email: soc@us-cert.gov
    Phone: 1-888-282-0870

    Site Privacy | Accessibility | Privacy Program | Copyrights | Vulnerability Disclosure | No Fear Act Policy | FOIA | Environmental
    Policy | Scientific Integrity | Information Quality Standards | Commerce.gov | Science.gov | USA.gov

    You might also like