← Back

CVE-2023-36019

nvd nist
Published: Dec 12, 2023Modified: Nov 21, 2024

JSON object

Loading...
7.4
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
Exploitability: 2.8 / Impact: 4.0
Source: NVD

Description

Microsoft Power Platform Connector Spoofing Vulnerability

Affected (2)

Microsoft
2 products
Azure Logic Apps
Power Platform
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Azure Logic Apps
Before 3.23113
Power Platform
Before 3.23113

Related CWEs

CWE-73
External Control of File Name or Path
The product allows user input to control or influence paths or file names that are used in filesystem operations.

References (2)

Source: secure@microsoft.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.