CVE-2023-36913

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 8, 2023

Updated: May 29, 2024

CWE ID 908

Summary

CVE-2023-36913 is a newly disclosed information disclosure vulnerability affecting Microsoft Message Queuing (MSMQ). An attacker can exploit this vulnerability by sending a specially crafted message to an MSMQ queue, resulting in the disclosure of sensitive information. This issue could potentially lead to unauthorized access or privilege escalation, posing a significant risk to organizations using MSMQ. Microsoft has released a patch to address this vulnerability, and it is advised that affected systems be updated as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rzrFk-
https://www.cve.org/CVERecord?id=CVE-2023-36913
https://nvd.nist.gov/vuln/detail/CVE-2023-36913

Back to Vulnerability Database

CVE-2023-36913

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations