CVE-2023-36802

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 12, 2023

Updated: Aug 14, 2024

CWE ID 416

Summary

CVE-2023-36802 is an elevation of privilege vulnerability affecting Microsoft Streaming Service Proxy. An attacker who successfully exploits this vulnerability can gain higher privileges on the system, potentially compromising the security of the affected environment. The vulnerability arises due to insufficient access controls in the Microsoft Streaming Service Proxy, enabling an attacker to escalate their privileges and execute arbitrary code. Organizations using Microsoft Streaming Service Proxy are advised to apply the available security patch as soon as possible to mitigate the risk of potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rzatvK
https://www.cve.org/CVERecord?id=CVE-2023-36802
https://nvd.nist.gov/vuln/detail/CVE-2023-36802

Back to Vulnerability Database

CVE-2023-36802

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations