Vulnerability CVE-2023-33135: Information

Description

.NET and Visual Studio Elevation of Privilege Vulnerability

Severity: HIGH (7.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-33135
Published: June 14, 2023
Modified: June 21, 2023

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
dotnet-bootstrap-6.0sisyphus6.0.20-alt16.0.25-alt1ALT-PU-2023-4590-2325725Fixed
dotnet-bootstrap-6.0p106.0.20-alt16.0.25-alt1ALT-PU-2023-4594-3325731Fixed
dotnet-bootstrap-7.0sisyphus7.0.9-alt17.0.17-alt1ALT-PU-2023-4592-2325727Fixed
dotnet-bootstrap-7.0p107.0.9-alt17.0.14-alt1ALT-PU-2023-4610-3325842Fixed
dotnet-runtime-6.0sisyphus6.0.20-alt16.0.25-alt1ALT-PU-2023-4591-2325725Fixed
dotnet-runtime-6.0p106.0.20-alt16.0.25-alt1ALT-PU-2023-4595-3325731Fixed
dotnet-runtime-7.0sisyphus7.0.9-alt17.0.17-alt1ALT-PU-2023-4593-2325727Fixed
dotnet-runtime-7.0p107.0.9-alt17.0.14-alt1ALT-PU-2023-4611-3325842Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33135
  • Patch
  • Vendor Advisory

    1. Configuration 1

      cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
      Start including
      17.0
      End excliding
      17.0.22
      cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
      Start including
      17.2
      End excliding
      17.2.16
      cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
      Start including
      17.4
      End excliding
      17.4.8
      cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
      Start including
      17.6
      End excliding
      17.6.3
      cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
      Start including
      6.0.0
      End excliding
      6.0.18
      cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
      Start including
      7.0.0
      End excliding
      7.0.7
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top