Powershell
CVE-2023-36013
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
PowerShell Information Disclosure Vulnerability
AnalysisAI
PowerShell Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.
Technical ContextAI
This vulnerability is classified as Use of Hard-coded Credentials (CWE-798), which allows attackers to gain access using credentials embedded in source code. Affected products include: Microsoft Powershell.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Remove hard-coded credentials, use environment variables or secrets management, rotate exposed credentials immediately.
More in Powershell
View allA remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code
PowerShell Remote Code Execution Vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitab
Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is l
PowerShell Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack comple
CVE-2025-30399 is an untrusted search path vulnerability in .NET and Visual Studio that allows unauthenticated remote at
.NET Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no aut
.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely e
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Cor
<p>A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an at
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of
.NET and Visual Studio Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remo
.NET Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentica
Same weakness CWE-798 – Use of Hard-coded Credentials
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today