Skip to main content

Powershell CVE-2023-36013

MEDIUM
Use of Hard-coded Credentials (CWE-798)
2023-11-20 secure@microsoft.com
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Nov 20, 2023 - 16:15 nvd
MEDIUM 6.5

DescriptionNVD

PowerShell Information Disclosure Vulnerability

AnalysisAI

PowerShell Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Technical ContextAI

This vulnerability is classified as Use of Hard-coded Credentials (CWE-798), which allows attackers to gain access using credentials embedded in source code. Affected products include: Microsoft Powershell.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Remove hard-coded credentials, use environment variables or secrets management, rotate exposed credentials immediately.

CVE-2018-8327 CRITICAL
9.8 Jul 11

A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code

CVE-2022-41076 HIGH
8.5 Dec 13

PowerShell Remote Code Execution Vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitab

CVE-2022-41121 HIGH
7.8 Dec 13

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is l

CVE-2022-26788 HIGH
7.8 Apr 15

PowerShell Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack comple

CVE-2025-30399 HIGH
7.5 Jun 13

CVE-2025-30399 is an untrusted search path vulnerability in .NET and Visual Studio that allows unauthenticated remote at

CVE-2023-21538 HIGH
7.5 Jan 10

.NET Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no aut

CVE-2022-23267 HIGH
7.5 May 10

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely e

CVE-2020-1108 HIGH
7.5 May 21

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Cor

CVE-2020-0951 MEDIUM
6.7 Sep 11

<p>A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an at

CVE-2020-8927 MEDIUM
6.5 Sep 15

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of

CVE-2022-24512 MEDIUM
6.3 Mar 09

.NET and Visual Studio Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remo

CVE-2022-34716 MEDIUM
5.9 Aug 09

.NET Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentica

Share

CVE-2023-36013 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy