CVE-2023-38171

HIGH7.5Memory safety

High EPSS

JSON export Create alert

Description

Microsoft QUIC Denial of Service Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

E

Unchanged

RL

O

RC

Changed

Affected products

Microsoft / Microsoft Visual Studio 2022 version 17.217.2.0 – 17.2.21
Microsoft / Microsoft Visual Studio 2022 version 17.417.4.0 – 17.4.13
Microsoft / Microsoft Visual Studio 2022 version 17.617.6.0 – 17.6.9
Microsoft / Microsoft Visual Studio 2022 version 17.717.7.0 – 17.7.6
Microsoft / .NET 7.07.0.0 – 7.0.13
Microsoft / PowerShell 7.37.3.0 – 7.3.9
Microsoft / Windows 11 version 21H210.0.0 – 10.0.22000.2538
Microsoft / Windows 11 version 22H210.0.22621.0 – 10.0.22621.2428
Microsoft / Windows Server 202210.0.20348.0 – 10.0.20348.2031

References

VENDOR_ADVISORYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38171