CVE-2023-38151— Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-38151
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
对未经初始化资源的使用
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Host Integration Server 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Host Integration Server是美国微软(Microsoft)公司的一个网关应用程序,提供Microsoft Windows网络与IBM大型机和IBM i系统之间的连接。提供了对SNA,3270、5250,CICS,APPC和其他IBM协议的支持。 Microsoft Host Integration Server存在安全漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响:Microsoft OLE DB Provider for DB2 V7,Host I
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Microsoft | Host Integration Server 2020 | 7.0 ~ KB5032921 | - | |
| Microsoft | Host Integration Server 2020 | 1.0.0 ~ KB5032921 | - |
II. Public POCs for CVE-2023-38151
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-38151
请登录查看更多情报信息。
Same Patch Batch · Microsoft · 2023-11-14 · 57 CVEs total
| CVE-2023-36397 | 9.8 CRITICAL | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| CVE-2023-36028 | 9.8 CRITICAL | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulner |
| CVE-2023-36400 | 8.8 HIGH | Windows HMAC Key Derivation Elevation of Privilege Vulnerability |
| CVE-2023-36402 | 8.8 HIGH | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-36437 | 8.8 HIGH | Azure DevOps Server Remote Code Execution Vulnerability |
| CVE-2023-36017 | 8.8 HIGH | Windows Scripting Engine Memory Corruption Vulnerability |
| CVE-2023-36423 | 8.8 HIGH | Microsoft Remote Registry Service Remote Code Execution Vulnerability |
| CVE-2023-36025 | 8.8 HIGH | Windows SmartScreen Security Feature Bypass Vulnerability |
| CVE-2023-36560 | 8.8 HIGH | ASP.NET Security Feature Bypass Vulnerability |
| CVE-2023-36052 | 8.6 HIGH | Azure CLI REST Command Information Disclosure Vulnerability |
| CVE-2023-36038 | 8.2 HIGH | ASP.NET Core Denial of Service Vulnerability |
| CVE-2023-36439 | 8.0 HIGH | Microsoft Exchange Server Remote Code Execution Vulnerability |
| CVE-2023-36021 | 8.0 HIGH | Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability |
| CVE-2023-36035 | 8.0 HIGH | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2023-36425 | 8.0 HIGH | Windows Distributed File System (DFS) Remote Code Execution Vulnerability |
| CVE-2023-36039 | 8.0 HIGH | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2023-36050 | 8.0 HIGH | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2023-36719 | 7.8 HIGH | Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerabi |
| CVE-2023-36408 | 7.8 HIGH | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2023-36396 | 7.8 HIGH | Windows Compressed Folder Remote Code Execution Vulnerability |
Showing top 20 of 57 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: Microsoft
- CVE-2026-42826
Azure DevOps Information Disclosure Vulnerability - CVE-2026-35428
Azure Cloud Shell Spoofing Vulnerability - CVE-2026-35435
Azure AI Foundry Elevation of Privilege Vulnerability - CVE-2026-34327
Microsoft Partner Center Spoofing Vulnerability - CVE-2026-33844
Azure Managed Instance for Apache Cassandra Remote Code Exec
Same weakness: CWE-908
- CVE-2026-7141
vllm KV Block kv_cache_interface.py has_mamba_layers uniniti - CVE-2026-26175
Windows Boot Manager Security Feature Bypass Vulnerability - CVE-2026-34543
OpenEXR: Heap information disclosure in PXR24 decompression - CVE-2026-27496
n8n has In-Process Memory Disclosure in its Task Runner - CVE-2025-12736
multimedia_audio_standard has an insecure storage of sensiti
V. Comments for CVE-2023-38151
No comments yet