Search

Find a vulnerability

Search criteria

    5934 vulnerabilities found for windows_10 by microsoft

    CVE-2023-36697 (GCVE-0-2023-36697)

    Vulnerability from nvd – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:54.086Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36697"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36697",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:07.729561Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:44:16.276Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20: Improper Input Validation",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:13.771Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36697"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36697",
        "datePublished": "2023-10-10T17:07:44.386Z",
        "dateReserved": "2023-06-26T13:29:45.600Z",
        "dateUpdated": "2025-04-14T22:46:13.771Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36606 (GCVE-0-2023-36606)

    Vulnerability from nvd – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.966Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36606"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36606",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:12.848301Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:44:09.633Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:14.353Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36606"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36606",
        "datePublished": "2023-10-10T17:07:44.904Z",
        "dateReserved": "2023-06-23T20:11:38.800Z",
        "dateUpdated": "2025-04-14T22:46:14.353Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36593 (GCVE-0-2023-36593)

    Vulnerability from nvd – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.796Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36593"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36593",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:04.302755Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:43:58.258Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190: Integer Overflow or Wraparound",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:18.364Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36593"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36593",
        "datePublished": "2023-10-10T17:07:48.598Z",
        "dateReserved": "2023-06-23T20:11:38.795Z",
        "dateUpdated": "2025-04-14T22:46:18.364Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36592 (GCVE-0-2023-36592)

    Vulnerability from nvd – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.602Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36592"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36592",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-28T20:19:53.661676Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-28T20:43:55.995Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:18.929Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36592"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36592",
        "datePublished": "2023-10-10T17:07:49.127Z",
        "dateReserved": "2023-06-23T20:11:38.794Z",
        "dateUpdated": "2025-04-14T22:46:18.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36591 (GCVE-0-2023-36591)

    Vulnerability from nvd – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.510Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36591"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36591",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-28T20:19:51.139338Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-28T20:43:46.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:19.493Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36591"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36591",
        "datePublished": "2023-10-10T17:07:49.634Z",
        "dateReserved": "2023-06-23T20:11:38.794Z",
        "dateUpdated": "2025-04-14T22:46:19.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36590 (GCVE-0-2023-36590)

    Vulnerability from nvd – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36590"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36590",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-28T20:19:48.589925Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-28T20:43:34.037Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:20.134Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36590"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36590",
        "datePublished": "2023-10-10T17:07:50.135Z",
        "dateReserved": "2023-06-23T20:11:38.794Z",
        "dateUpdated": "2025-04-14T22:46:20.134Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36589 (GCVE-0-2023-36589)

    Vulnerability from nvd – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.546Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36589"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36589",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-28T20:19:46.127067Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-28T20:42:23.210Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:20.690Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36589"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36589",
        "datePublished": "2023-10-10T17:07:50.660Z",
        "dateReserved": "2023-06-23T20:11:38.794Z",
        "dateUpdated": "2025-04-14T22:46:20.690Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36583 (GCVE-0-2023-36583)

    Vulnerability from nvd – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.435Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36583"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36583",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:02.873344Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:43:52.734Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416: Use After Free",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:22.305Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36583"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36583",
        "datePublished": "2023-10-10T17:07:52.309Z",
        "dateReserved": "2023-06-23T20:11:38.792Z",
        "dateUpdated": "2025-04-14T22:46:22.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36582 (GCVE-0-2023-36582)

    Vulnerability from nvd – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.488Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36582"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36582",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:01.535236Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:43:46.950Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190: Integer Overflow or Wraparound",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:23.194Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36582"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36582",
        "datePublished": "2023-10-10T17:07:52.857Z",
        "dateReserved": "2023-06-23T20:11:38.792Z",
        "dateUpdated": "2025-04-14T22:46:23.194Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36581 (GCVE-0-2023-36581)

    Vulnerability from nvd – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.299Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36581"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36581",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:11.487043Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:43:40.080Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126: Buffer Over-read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:23.759Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36581"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36581",
        "datePublished": "2023-10-10T17:07:53.425Z",
        "dateReserved": "2023-06-23T20:11:38.792Z",
        "dateUpdated": "2025-04-14T22:46:23.759Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-44216 (GCVE-0-2023-44216)

    Vulnerability from nvd – Published: 2023-09-26 00:00 – Updated: 2024-09-24 18:11
    VLAI
    Summary
    PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    imaginationtech powervr-gpu Affected: 2018 , < * (custom)
        cpe:2.3:h:imaginationtech:powervr-gpu:2018:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:59:51.588Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.hertzbleed.com/gpu.zip/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.hertzbleed.com/gpu.zip/GPU-zip.pdf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/UT-Security/gpu-zip"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.w3.org/TR/filter-effects-1/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://blog.imaginationtech.com/reducing-bandwidth-pvric/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://blog.imaginationtech.com/introducing-pvric4-taking-image-compression-to-the-next-level/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://arstechnica.com/security/2023/09/gpus-from-all-major-suppliers-are-vulnerable-to-new-pixel-stealing-attack/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://news.ycombinator.com/item?id=37663159"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.bleepingcomputer.com/news/security/modern-gpus-vulnerable-to-new-gpuzip-side-channel-attack/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:imaginationtech:powervr-gpu:2018:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "powervr-gpu",
                "vendor": "imaginationtech",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "2018",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-44216",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-24T18:09:12.068667Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-24T18:11:55.076Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-03T04:46:57.617Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.hertzbleed.com/gpu.zip/"
            },
            {
              "url": "https://www.hertzbleed.com/gpu.zip/GPU-zip.pdf"
            },
            {
              "url": "https://github.com/UT-Security/gpu-zip"
            },
            {
              "url": "https://www.w3.org/TR/filter-effects-1/"
            },
            {
              "url": "https://blog.imaginationtech.com/reducing-bandwidth-pvric/"
            },
            {
              "url": "https://blog.imaginationtech.com/introducing-pvric4-taking-image-compression-to-the-next-level/"
            },
            {
              "url": "https://arstechnica.com/security/2023/09/gpus-from-all-major-suppliers-are-vulnerable-to-new-pixel-stealing-attack/"
            },
            {
              "url": "https://news.ycombinator.com/item?id=37663159"
            },
            {
              "url": "https://www.bleepingcomputer.com/news/security/modern-gpus-vulnerable-to-new-gpuzip-side-channel-attack/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-44216",
        "datePublished": "2023-09-26T00:00:00.000Z",
        "dateReserved": "2023-09-26T00:00:00.000Z",
        "dateUpdated": "2024-09-24T18:11:55.076Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36913 (GCVE-0-2023-36913)

    Vulnerability from nvd – Published: 2023-08-08 17:08 – Updated: 2025-02-27 21:08
    VLAI
    Title
    Microsoft Message Queuing Information Disclosure Vulnerability
    Summary
    Microsoft Message Queuing Information Disclosure Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-908 - Use of Uninitialized Resource
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.1906 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2295 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19044.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2134 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20107 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:01:10.038Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Information Disclosure Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36913"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36913",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:52.969075Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:08:24.585Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.1906",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2295",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19044.3324",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2134",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3324",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20107",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.1906",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2295",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19044.3324",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2134",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3324",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20107",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing Information Disclosure Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-908",
                  "description": "CWE-908: Use of Uninitialized Resource",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:58:47.811Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing Information Disclosure Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36913"
            }
          ],
          "title": "Microsoft Message Queuing Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36913",
        "datePublished": "2023-08-08T17:08:30.232Z",
        "dateReserved": "2023-06-27T20:29:08.607Z",
        "dateUpdated": "2025-02-27T21:08:24.585Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36912 (GCVE-0-2023-36912)

    Vulnerability from nvd – Published: 2023-08-08 17:08 – Updated: 2025-02-27 21:08
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.1906 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2295 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19044.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2134 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20107 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:01:10.038Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36912"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36912",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:30.771358Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:08:30.227Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.1906",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2295",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19044.3324",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2134",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3324",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20107",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.1906",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2295",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19044.3324",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2134",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3324",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20107",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20: Improper Input Validation",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:58:47.357Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36912"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36912",
        "datePublished": "2023-08-08T17:08:29.623Z",
        "dateReserved": "2023-06-27T20:29:08.606Z",
        "dateUpdated": "2025-02-27T21:08:30.227Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36911 (GCVE-0-2023-36911)

    Vulnerability from nvd – Published: 2023-08-08 17:08 – Updated: 2025-02-27 21:08
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.1906 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2295 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19044.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2134 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20107 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:01:09.995Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36911"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36911",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:51:04.561728Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:08:37.060Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.1906",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2295",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19044.3324",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2134",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3324",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20107",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.1906",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2295",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19044.3324",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2134",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3324",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20107",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190: Integer Overflow or Wraparound",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:58:46.829Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36911"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36911",
        "datePublished": "2023-08-08T17:08:29.028Z",
        "dateReserved": "2023-06-27T20:29:08.606Z",
        "dateUpdated": "2025-02-27T21:08:37.060Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36910 (GCVE-0-2023-36910)

    Vulnerability from nvd – Published: 2023-08-08 17:08 – Updated: 2025-02-27 21:08
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.1906 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2295 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19044.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2134 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20107 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:01:09.965Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36910"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36910",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:51:07.829018Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:08:42.685Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.1906",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2295",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19044.3324",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2134",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3324",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20107",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.1906",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2295",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19044.3324",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2134",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3324",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20107",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190: Integer Overflow or Wraparound",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:58:46.273Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36910"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36910",
        "datePublished": "2023-08-08T17:08:28.449Z",
        "dateReserved": "2023-06-27T20:29:08.606Z",
        "dateUpdated": "2025-02-27T21:08:42.685Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36909 (GCVE-0-2023-36909)

    Vulnerability from nvd – Published: 2023-08-08 17:08 – Updated: 2025-02-27 21:08
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-191 - Integer Underflow (Wrap or Wraparound)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.1906 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2295 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19044.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2134 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20107 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:01:09.821Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36909"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36909",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:56.528499Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:08:48.605Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.1906",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2295",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19044.3324",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2134",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3324",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20107",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.1906",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2295",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19044.3324",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2134",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3324",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20107",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-191",
                  "description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:58:45.663Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36909"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36909",
        "datePublished": "2023-08-08T17:08:27.831Z",
        "dateReserved": "2023-06-27T20:29:08.606Z",
        "dateUpdated": "2025-02-27T21:08:48.605Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36908 (GCVE-0-2023-36908)

    Vulnerability from nvd – Published: 2023-08-08 17:08 – Updated: 2025-07-09 13:39
    VLAI
    Title
    Windows Hyper-V Information Disclosure Vulnerability
    Summary
    Windows Hyper-V Information Disclosure Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.1906 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2295 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19044.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2134 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20107 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36908",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-09T13:39:10.916165Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-09T13:39:18.911Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:01:09.932Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Windows Hyper-V Information Disclosure Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36908"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.1906",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2295",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19044.3324",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2134",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3324",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20107",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.1906",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2295",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19044.3324",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2134",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3324",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.10240.20107",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Windows Hyper-V Information Disclosure Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:58:44.794Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Windows Hyper-V Information Disclosure Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36908"
            }
          ],
          "title": "Windows Hyper-V Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36908",
        "datePublished": "2023-08-08T17:08:27.268Z",
        "dateReserved": "2023-06-27T20:29:08.606Z",
        "dateUpdated": "2025-07-09T13:39:18.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36907 (GCVE-0-2023-36907)

    Vulnerability from nvd – Published: 2023-08-08 17:08 – Updated: 2025-01-01 01:58
    VLAI
    Title
    Windows Cryptographic Services Information Disclosure Vulnerability
    Summary
    Windows Cryptographic Services Information Disclosure Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-170 - Improper Null Termination
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.1906 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2295 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19044.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2134 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20107 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36907",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-19T18:24:45.723823Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-22T20:13:52.523Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:01:09.988Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Windows Cryptographic Services Information Disclosure Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36907"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.1906",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2295",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19044.3324",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2134",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3324",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20107",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.1906",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2295",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19044.3324",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2134",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3324",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20107",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Windows Cryptographic Services Information Disclosure Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-170",
                  "description": "CWE-170: Improper Null Termination",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:58:44.177Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Windows Cryptographic Services Information Disclosure Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36907"
            }
          ],
          "title": "Windows Cryptographic Services Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36907",
        "datePublished": "2023-08-08T17:08:26.702Z",
        "dateReserved": "2023-06-27T20:29:08.606Z",
        "dateUpdated": "2025-01-01T01:58:44.177Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36906 (GCVE-0-2023-36906)

    Vulnerability from nvd – Published: 2023-08-08 17:08 – Updated: 2025-01-01 01:58
    VLAI
    Title
    Windows Cryptographic Services Information Disclosure Vulnerability
    Summary
    Windows Cryptographic Services Information Disclosure Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-170 - Improper Null Termination
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4737 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.1906 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2295 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19044.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2134 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3324 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20107 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6167 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22216 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26664 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24414 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21503 (custom)
    Create a notification for this product.
    Date Public
    2023-08-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36906",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-23T18:56:24.394541Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-23T18:56:38.263Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:01:09.651Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Windows Cryptographic Services Information Disclosure Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36906"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4737",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.1906",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2295",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19044.3324",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2134",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3324",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20107",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6167",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22216",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26664",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24414",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21503",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4737",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.1906",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2295",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19044.3324",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2134",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3324",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20107",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6167",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22216",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26664",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24414",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21503",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-08-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Windows Cryptographic Services Information Disclosure Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-170",
                  "description": "CWE-170: Improper Null Termination",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-01T01:58:43.610Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Windows Cryptographic Services Information Disclosure Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36906"
            }
          ],
          "title": "Windows Cryptographic Services Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36906",
        "datePublished": "2023-08-08T17:08:26.086Z",
        "dateReserved": "2023-06-27T20:29:08.606Z",
        "dateUpdated": "2025-01-01T01:58:43.610Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36581 (GCVE-0-2023-36581)

    Vulnerability from cvelistv5 – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.299Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36581"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36581",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:11.487043Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:43:40.080Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-126",
                  "description": "CWE-126: Buffer Over-read",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:23.759Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36581"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36581",
        "datePublished": "2023-10-10T17:07:53.425Z",
        "dateReserved": "2023-06-23T20:11:38.792Z",
        "dateUpdated": "2025-04-14T22:46:23.759Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36582 (GCVE-0-2023-36582)

    Vulnerability from cvelistv5 – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.488Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36582"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36582",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:01.535236Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:43:46.950Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190: Integer Overflow or Wraparound",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:23.194Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36582"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36582",
        "datePublished": "2023-10-10T17:07:52.857Z",
        "dateReserved": "2023-06-23T20:11:38.792Z",
        "dateUpdated": "2025-04-14T22:46:23.194Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36583 (GCVE-0-2023-36583)

    Vulnerability from cvelistv5 – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.435Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36583"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36583",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:02.873344Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:43:52.734Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416: Use After Free",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:22.305Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36583"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36583",
        "datePublished": "2023-10-10T17:07:52.309Z",
        "dateReserved": "2023-06-23T20:11:38.792Z",
        "dateUpdated": "2025-04-14T22:46:22.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36589 (GCVE-0-2023-36589)

    Vulnerability from cvelistv5 – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.546Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36589"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36589",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-28T20:19:46.127067Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-28T20:42:23.210Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:20.690Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36589"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36589",
        "datePublished": "2023-10-10T17:07:50.660Z",
        "dateReserved": "2023-06-23T20:11:38.794Z",
        "dateUpdated": "2025-04-14T22:46:20.690Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36590 (GCVE-0-2023-36590)

    Vulnerability from cvelistv5 – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36590"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36590",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-28T20:19:48.589925Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-28T20:43:34.037Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:20.134Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36590"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36590",
        "datePublished": "2023-10-10T17:07:50.135Z",
        "dateReserved": "2023-06-23T20:11:38.794Z",
        "dateUpdated": "2025-04-14T22:46:20.134Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36591 (GCVE-0-2023-36591)

    Vulnerability from cvelistv5 – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.510Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36591"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36591",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-28T20:19:51.139338Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-28T20:43:46.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:19.493Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36591"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36591",
        "datePublished": "2023-10-10T17:07:49.634Z",
        "dateReserved": "2023-06-23T20:11:38.794Z",
        "dateUpdated": "2025-04-14T22:46:19.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36592 (GCVE-0-2023-36592)

    Vulnerability from cvelistv5 – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.602Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36592"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36592",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-28T20:19:53.661676Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-28T20:43:55.995Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:18.929Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36592"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36592",
        "datePublished": "2023-10-10T17:07:49.127Z",
        "dateReserved": "2023-06-23T20:11:38.794Z",
        "dateUpdated": "2025-04-14T22:46:18.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36593 (GCVE-0-2023-36593)

    Vulnerability from cvelistv5 – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.796Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36593"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36593",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:04.302755Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:43:58.258Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190: Integer Overflow or Wraparound",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:18.364Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36593"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36593",
        "datePublished": "2023-10-10T17:07:48.598Z",
        "dateReserved": "2023-06-23T20:11:38.795Z",
        "dateUpdated": "2025-04-14T22:46:18.364Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36606 (GCVE-0-2023-36606)

    Vulnerability from cvelistv5 – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:53.966Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36606"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36606",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:12.848301Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:44:09.633Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:14.353Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36606"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36606",
        "datePublished": "2023-10-10T17:07:44.904Z",
        "dateReserved": "2023-06-23T20:11:38.800Z",
        "dateUpdated": "2025-04-14T22:46:14.353Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-36697 (GCVE-0-2023-36697)

    Vulnerability from cvelistv5 – Published: 2023-10-10 17:07 – Updated: 2025-04-14 22:46
    VLAI
    Title
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    Summary
    Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4974 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.2031 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.2538 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19041.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 11 version 22H2 Affected: 10.0.22621.0 , < 10.0.22621.2428 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.3570 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.10240.0 , < 10.0.10240.20232 (custom)
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.14393.0 , < 10.0.14393.6351 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 Service Pack 2 Affected: 6.0.6003.0 , < 6.0.6003.22317 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Affected: 6.1.7601.0 , < 6.1.7601.26769 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.9200.0 , < 6.2.9200.24523 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.9600.0 , < 6.3.9600.21620 (custom)
    Create a notification for this product.
    Date Public
    2023-10-10 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T16:52:54.086Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Microsoft Message Queuing Remote Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36697"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-36697",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:50:07.729561Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T20:44:16.276Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.17763.4974",
                  "status": "affected",
                  "version": "10.0.17763.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2022",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.20348.2031",
                  "status": "affected",
                  "version": "10.0.20348.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 11 version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22000.2538",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 21H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19041.3570",
                  "status": "affected",
                  "version": "10.0.19043.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 11 version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.22621.2428",
                  "status": "affected",
                  "version": "10.0.22621.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems",
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 22H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.19045.3570",
                  "status": "affected",
                  "version": "10.0.19045.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.10240.20232",
                  "status": "affected",
                  "version": "10.0.10240.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "10.0.14393.6351",
                  "status": "affected",
                  "version": "10.0.14393.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008  Service Pack 2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.0.6003.22317",
                  "status": "affected",
                  "version": "6.0.6003.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.1.7601.26769",
                  "status": "affected",
                  "version": "6.1.7601.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.2.9200.24523",
                  "status": "affected",
                  "version": "6.2.9200.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "6.3.9600.21620",
                  "status": "affected",
                  "version": "6.3.9600.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.17763.4974",
                      "versionStartIncluding": "10.0.17763.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.20348.2031",
                      "versionStartIncluding": "10.0.20348.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.22000.2538",
                      "versionStartIncluding": "10.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.19041.3570",
                      "versionStartIncluding": "10.0.19043.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
                      "versionEndExcluding": "10.0.22621.2428",
                      "versionStartIncluding": "10.0.22621.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "10.0.19045.3570",
                      "versionStartIncluding": "10.0.19045.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.10240.20232",
                      "versionStartIncluding": "10.0.10240.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "10.0.14393.6351",
                      "versionStartIncluding": "10.0.14393.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
                      "versionEndExcluding": "6.0.6003.22317",
                      "versionStartIncluding": "6.0.6003.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.1.7601.26769",
                      "versionStartIncluding": "6.1.7601.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.2.9200.24523",
                      "versionStartIncluding": "6.2.9200.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
                      "versionEndExcluding": "6.3.9600.21620",
                      "versionStartIncluding": "6.3.9600.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2023-10-10T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20: Improper Input Validation",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-04-14T22:46:13.771Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36697"
            }
          ],
          "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2023-36697",
        "datePublished": "2023-10-10T17:07:44.386Z",
        "dateReserved": "2023-06-26T13:29:45.600Z",
        "dateUpdated": "2025-04-14T22:46:13.771Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-44216 (GCVE-0-2023-44216)

    Vulnerability from cvelistv5 – Published: 2023-09-26 00:00 – Updated: 2024-09-24 18:11
    VLAI
    Summary
    PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    imaginationtech powervr-gpu Affected: 2018 , < * (custom)
        cpe:2.3:h:imaginationtech:powervr-gpu:2018:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:59:51.588Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.hertzbleed.com/gpu.zip/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.hertzbleed.com/gpu.zip/GPU-zip.pdf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/UT-Security/gpu-zip"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.w3.org/TR/filter-effects-1/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://blog.imaginationtech.com/reducing-bandwidth-pvric/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://blog.imaginationtech.com/introducing-pvric4-taking-image-compression-to-the-next-level/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://arstechnica.com/security/2023/09/gpus-from-all-major-suppliers-are-vulnerable-to-new-pixel-stealing-attack/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://news.ycombinator.com/item?id=37663159"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.bleepingcomputer.com/news/security/modern-gpus-vulnerable-to-new-gpuzip-side-channel-attack/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:imaginationtech:powervr-gpu:2018:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "powervr-gpu",
                "vendor": "imaginationtech",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "2018",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-44216",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-24T18:09:12.068667Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-24T18:11:55.076Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-03T04:46:57.617Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.hertzbleed.com/gpu.zip/"
            },
            {
              "url": "https://www.hertzbleed.com/gpu.zip/GPU-zip.pdf"
            },
            {
              "url": "https://github.com/UT-Security/gpu-zip"
            },
            {
              "url": "https://www.w3.org/TR/filter-effects-1/"
            },
            {
              "url": "https://blog.imaginationtech.com/reducing-bandwidth-pvric/"
            },
            {
              "url": "https://blog.imaginationtech.com/introducing-pvric4-taking-image-compression-to-the-next-level/"
            },
            {
              "url": "https://arstechnica.com/security/2023/09/gpus-from-all-major-suppliers-are-vulnerable-to-new-pixel-stealing-attack/"
            },
            {
              "url": "https://news.ycombinator.com/item?id=37663159"
            },
            {
              "url": "https://www.bleepingcomputer.com/news/security/modern-gpus-vulnerable-to-new-gpuzip-side-channel-attack/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-44216",
        "datePublished": "2023-09-26T00:00:00.000Z",
        "dateReserved": "2023-09-26T00:00:00.000Z",
        "dateUpdated": "2024-09-24T18:11:55.076Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }