CVE-2023-36596

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 10, 2023

Updated: May 29, 2024

CWE ID 822

CWE ID 668

Summary

CVE-2023-36596 is a newly disclosed vulnerability that affects certain Remote Procedure Call (RPC) endpoints. An attacker can exploit this Information Disclosure weakness to gain unauthorized access to sensitive data. Successful exploitation could lead to the leakage of internal system details, potentially enabling further attacks. The vulnerability exists due to insufficient input validation and access control checks. It is recommended that affected systems be patched as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rwcfOW
https://www.cve.org/CVERecord?id=CVE-2023-36596
https://nvd.nist.gov/vuln/detail/CVE-2023-36596

Back to Vulnerability Database

CVE-2023-36596

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations