cbcvebase.
CVE-2023-36019
published 2023-12-12

CVE-2023-36019: Microsoft Power Platform Connector Spoofing Vulnerability

PriorityP345high7.4CVSS 3.1
AVNACLPRNUIRSCCNIHAN
EPSS
16.22%
96.5th percentile
Microsoft Power Platform Connector Spoofing Vulnerability

Affected

6 ranges
VendorProductVersion rangeFixed in
microsoftazure_logic_apps< 3.231133.23113
microsoftazure_logic_apps>= 3.0 < 3.231133.23113
microsoftmicrosoft_power_platform>= 1.0.0 < 3.231133.23113
microsoftpower_platform< 3.231133.23113
msrcazure_logic_apps
msrcmicrosoft_power_platform

CVSS provenance

nvdv3.17.4HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
vendor_msrc9.6CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.