CVE-2023-38180
.NET and Visual Studio Denial of Service Vulnerability
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th
.NET and Visual Studio Denial of Service Vulnerability
| Vendor | microsoft |
| Product | asp.net core 2.1 |
| Ecosystems | |
| Industries | TechnologyEnterprise |
| Published | Aug 8, 2023 |
| Last Updated | Oct 21, 2025 |
โ ๏ธ Actively Exploited โ Act Now
Get instant alerts for microsoft asp.net core 2.1
This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2023-38180.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Microsoft / ASP.NET Core 2.1
2.0 < 2.1.40
Microsoft / .NET 6.0
6.0.0 < 6.0.21
Microsoft / .NET 7.0
7.0.0 < 7.0.10
Microsoft / Microsoft Visual Studio 2022 version 17.2
17.2.0 < 17.2.18
Microsoft / Microsoft Visual Studio 2022 version 17.4
17.4.0 < 17.4.10
Microsoft / Microsoft Visual Studio 2022 version 17.6
17.6.0 < 17.6.6
References
msrc.microsoft.com: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-38180 lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/NWVZFKTLNMNKPZ755EMRYIA6GHFOWGKY/