Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-36424 (GCVE-0-2023-36424)
Vulnerability from cvelistv5 – Published: 2023-11-14 17:57 – Updated: 2026-04-14 03:55
VLAI
EPSS
CISA KEV
Title
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Summary
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Severity
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
25 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 11 version 22H3 |
Affected:
10.0.22631.0 , < 10.0.22631.2715
(custom)
|
|
| Microsoft | Windows Server 2022, 23H2 Edition (Server Core installation) |
Affected:
10.0.25398.0 , < 10.0.25398.531
(custom)
|
|
| Microsoft | Windows 11 Version 23H2 |
Affected:
10.0.22631.0 , < 10.0.22631.2715
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.5122
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.0 , < 10.0.17763.5122
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.5122
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.5122
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.2113
(custom)
|
|
| Microsoft | Windows 11 version 21H2 |
Affected:
10.0.0 , < 10.0.22000.2600
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19043.0 , < 10.0.19043.3693
(custom)
|
|
| Microsoft | Windows 11 version 22H2 |
Affected:
10.0.22621.0 , < 10.0.22621.2715
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.3693
(custom)
|
|
| Microsoft | Windows 10 Version 1507 |
Affected:
10.0.10240.0 , < 10.0.10240.20308
(custom)
|
|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.6452
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.6452
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.6452
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.22367
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 (Server Core installation) |
Affected:
6.0.6003.0 , < 6.0.6003.22367
(custom)
|
|
| Microsoft | Windows Server 2008 Service Pack 2 |
Affected:
6.0.6003.0 , < 6.0.6003.22367
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 |
Affected:
6.1.7601.0 , < 6.1.7601.26816
(custom)
|
|
| Microsoft | Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
Affected:
6.1.7601.0 , < 6.1.7601.26816
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.24569
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.24569
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.21668
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.21668
(custom)
|
Date Public
2023-11-14 08:00
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 6059aa7b-b7b7-45d5-a648-bfb52964a0ff
Exploited: Yes
Timestamps
First Seen: 2026-04-13
Asserted: 2026-04-13
Scope
Notes: KEV entry: Microsoft Windows Out-of-Bounds Read Vulnerability | Affected: Microsoft / Windows | Description: Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2026-04-27 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-36424 ; https://nvd.nist.gov/vuln/detail/CVE-2023-36424
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-125 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Windows |
| Due Date | 2026-04-27 |
| Date Added | 2026-04-13 |
| Vendorproject | Microsoft |
| Vulnerabilityname | Microsoft Windows Out-of-Bounds Read Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-04-13 18:00 UTC
| Updated: 2026-04-13 18:00 UTC
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36424",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-04-13",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36424"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T03:55:25.577Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36424"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-13T00:00:00.000Z",
"value": "CVE-2023-36424 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:45:56.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Windows Common Log File System Driver Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 11 version 22H3",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.2715",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.25398.531",
"status": "affected",
"version": "10.0.25398.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 11 Version 23H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.2715",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.5122",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.5122",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.5122",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.5122",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.2113",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.2600",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19043.3693",
"status": "affected",
"version": "10.0.19043.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.2715",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.3693",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.20308",
"status": "affected",
"version": "10.0.10240.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.6452",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.6452",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.6452",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.22367",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.22367",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.22367",
"status": "affected",
"version": "6.0.6003.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26816",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.1.7601.26816",
"status": "affected",
"version": "6.1.7601.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24569",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.24569",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.21668",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.21668",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.2715",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.531",
"versionStartIncluding": "10.0.25398.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.2715",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.5122",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.5122",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.5122",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.5122",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.2113",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2600",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19043.3693",
"versionStartIncluding": "10.0.19043.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2715",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.3693",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20308",
"versionStartIncluding": "10.0.10240.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6452",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6452",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6452",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.22367",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.0.6003.22367",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.0.6003.22367",
"versionStartIncluding": "6.0.6003.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26816",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.1.7601.26816",
"versionStartIncluding": "6.1.7601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24569",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.24569",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.21668",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.21668",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-11-14T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Common Log File System Driver Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-08T23:59:33.437Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Common Log File System Driver Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
}
],
"title": "Windows Common Log File System Driver Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-36424",
"datePublished": "2023-11-14T17:57:08.919Z",
"dateReserved": "2023-06-21T15:14:27.785Z",
"dateUpdated": "2026-04-14T03:55:25.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2023-36424",
"cwes": "[\"CWE-125\"]",
"dateAdded": "2026-04-13",
"dueDate": "2026-04-27",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-36424 ; https://nvd.nist.gov/vuln/detail/CVE-2023-36424",
"product": "Windows",
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation",
"vendorProject": "Microsoft",
"vulnerabilityName": "Microsoft Windows Out-of-Bounds Read Vulnerability"
},
"epss": {
"cve": "CVE-2023-36424",
"date": "2026-05-26",
"epss": "0.11201",
"percentile": "0.93601"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.10240.20308\", \"matchCriteriaId\": \"81F826F9-C8B6-4D68-8936-96D2B4AC253F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*\", \"versionEndExcluding\": \"10.0.10240.20308\", \"matchCriteriaId\": \"4BE302B4-747A-457D-B0EE-357CC3191C1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.14393.6452\", \"matchCriteriaId\": \"4C3EB2B6-8A7D-48D0-8FBD-EDD32A02B0A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\", \"versionEndExcluding\": \"10.0.14393.6452\", \"matchCriteriaId\": \"1A36FFD9-2FFD-491F-9CB6-80DE6544A735\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*\", \"versionEndExcluding\": \"10.0.17763.5122\", \"matchCriteriaId\": \"4F018A9A-D2BC-4EB0-BC64-B92DC4EF68DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.17763.5122\", \"matchCriteriaId\": \"455A430D-8451-4B60-8496-E0A0CE27EDE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\", \"versionEndExcluding\": \"10.0.17763.5122\", \"matchCriteriaId\": \"395069C3-88A4-493F-9437-23BFC54EA6EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.19041.3693\", \"matchCriteriaId\": \"76D06BFE-474B-4A10-9E9E-9D88DDCD2764\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.19045.3693\", \"matchCriteriaId\": \"85ABCA53-40C8-452B-8D2F-7AAF3624DCD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.22000.2600\", \"matchCriteriaId\": \"7BCCEFB5-50CD-4D8A-B4A8-16B357367487\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.22621.2715\", \"matchCriteriaId\": \"656DB244-CD92-4288-A4CD-76ED0492D65C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.22631.2715\", \"matchCriteriaId\": \"EC26CE6D-0DFD-4642-A806-2A312888A451\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*\", \"matchCriteriaId\": \"2127D10C-B6F3-4C1D-B9AA-5D78513CC996\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*\", \"matchCriteriaId\": \"AB425562-C0A0-452E-AABE-F70522F15E1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\", \"matchCriteriaId\": \"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB18C4CE-5917-401E-ACF7-2747084FD36E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB79EE26-FC32-417D-A49C-A1A63165A968\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.25398.531\", \"matchCriteriaId\": \"F942D380-5BD6-4262-A013-89EBFE23C27A\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Windows Common Log File System Driver Elevation of Privilege Vulnerability\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de elevaci\\u00f3n de privilegios del controlador del sistema de archivos de registro com\\u00fan de Windows.\"}]",
"id": "CVE-2023-36424",
"lastModified": "2024-11-21T08:09:43.490",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"secure@microsoft.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
"published": "2023-11-14T18:15:45.990",
"references": "[{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secure@microsoft.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-36424\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2023-11-14T18:15:45.990\",\"lastModified\":\"2026-04-14T14:44:43.473\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Windows Common Log File System Driver Elevation of Privilege Vulnerability\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de elevaci\u00f3n de privilegios del controlador del sistema de archivos de registro com\u00fan de Windows.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2026-04-13\",\"cisaActionDue\":\"2026-04-27\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Microsoft Windows Out-of-Bounds Read Vulnerability\",\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.10240.20308\",\"matchCriteriaId\":\"81F826F9-C8B6-4D68-8936-96D2B4AC253F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.10240.20308\",\"matchCriteriaId\":\"4BE302B4-747A-457D-B0EE-357CC3191C1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.14393.6452\",\"matchCriteriaId\":\"4C3EB2B6-8A7D-48D0-8FBD-EDD32A02B0A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.14393.6452\",\"matchCriteriaId\":\"1A36FFD9-2FFD-491F-9CB6-80DE6544A735\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.17763.5122\",\"matchCriteriaId\":\"4F018A9A-D2BC-4EB0-BC64-B92DC4EF68DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.17763.5122\",\"matchCriteriaId\":\"455A430D-8451-4B60-8496-E0A0CE27EDE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.17763.5122\",\"matchCriteriaId\":\"395069C3-88A4-493F-9437-23BFC54EA6EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19044.3693\",\"matchCriteriaId\":\"D3286F3A-3F82-4433-AC77-F4907D3B1650\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19045.3693\",\"matchCriteriaId\":\"85ABCA53-40C8-452B-8D2F-7AAF3624DCD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22000.2600\",\"matchCriteriaId\":\"7BCCEFB5-50CD-4D8A-B4A8-16B357367487\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22621.2715\",\"matchCriteriaId\":\"656DB244-CD92-4288-A4CD-76ED0492D65C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22631.2715\",\"matchCriteriaId\":\"EC26CE6D-0DFD-4642-A806-2A312888A451\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*\",\"matchCriteriaId\":\"2127D10C-B6F3-4C1D-B9AA-5D78513CC996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*\",\"matchCriteriaId\":\"AB425562-C0A0-452E-AABE-F70522F15E1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*\",\"matchCriteriaId\":\"AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB18C4CE-5917-401E-ACF7-2747084FD36E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.14393.6452\",\"matchCriteriaId\":\"62033B83-CCC2-4FE3-91CB-213741FC682A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.17763.5122\",\"matchCriteriaId\":\"940B3D77-2D2E-41F3-8450-27AF8BB17F18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.20348.2091\",\"matchCriteriaId\":\"492944B8-0555-4A6F-9F31-B43D0DAC4CB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.25398.531\",\"matchCriteriaId\":\"F942D380-5BD6-4262-A013-89EBFE23C27A\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36424\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424\", \"name\": \"Windows Common Log File System Driver Elevation of Privilege Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T16:45:56.621Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-36424\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-13T17:03:03.427592Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2026-04-13\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36424\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36424\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-07T18:02:07.347Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-04-13T00:00:00.000Z\", \"value\": \"CVE-2023-36424 added to CISA KEV\"}]}], \"cna\": {\"title\": \"Windows Common Log File System Driver Elevation of Privilege Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H3\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.2715\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022, 23H2 Edition (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.25398.0\", \"lessThan\": \"10.0.25398.531\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 23H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.2715\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1809\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.5122\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1809\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.17763.5122\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.5122\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.5122\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.20348.0\", \"lessThan\": \"10.0.20348.2113\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 21H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.22000.2600\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\", \"ARM64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 21H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19043.0\", \"lessThan\": \"10.0.19043.3693\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22621.0\", \"lessThan\": \"10.0.22621.2715\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 22H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19045.0\", \"lessThan\": \"10.0.19045.3693\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\", \"ARM64-based Systems\", \"32-bit Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1507\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.10240.0\", \"lessThan\": \"10.0.10240.20308\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1607\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.6452\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2016\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.6452\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2016 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.6452\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 Service Pack 2\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0.6003.0\", \"lessThan\": \"6.0.6003.22367\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 Service Pack 2 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0.6003.0\", \"lessThan\": \"6.0.6003.22367\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 Service Pack 2\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0.6003.0\", \"lessThan\": \"6.0.6003.22367\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 R2 Service Pack 1\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.1.7601.0\", \"lessThan\": \"6.1.7601.26816\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2008 R2 Service Pack 1 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.1.7601.0\", \"lessThan\": \"6.1.7601.26816\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2.9200.0\", \"lessThan\": \"6.2.9200.24569\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2.9200.0\", \"lessThan\": \"6.2.9200.24569\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 R2\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3.9600.0\", \"lessThan\": \"6.3.9600.21668\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 R2 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3.9600.0\", \"lessThan\": \"6.3.9600.21668\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2023-11-14T08:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424\", \"name\": \"Windows Common Log File System Driver Elevation of Privilege Vulnerability\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Windows Common Log File System Driver Elevation of Privilege Vulnerability\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125: Out-of-bounds Read\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.2715\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.25398.531\", \"versionStartIncluding\": \"10.0.25398.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.2715\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.5122\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.5122\", \"versionStartIncluding\": \"10.0.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.5122\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.5122\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.20348.2113\", \"versionStartIncluding\": \"10.0.20348.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22000.2600\", \"versionStartIncluding\": \"10.0.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19043.3693\", \"versionStartIncluding\": \"10.0.19043.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22621.2715\", \"versionStartIncluding\": \"10.0.22621.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19045.3693\", \"versionStartIncluding\": \"10.0.19045.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.10240.20308\", \"versionStartIncluding\": \"10.0.10240.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.6452\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.6452\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.6452\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.0.6003.22367\", \"versionStartIncluding\": \"6.0.6003.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.0.6003.22367\", \"versionStartIncluding\": \"6.0.6003.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_sp2:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.0.6003.22367\", \"versionStartIncluding\": \"6.0.6003.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.7601.26816\", \"versionStartIncluding\": \"6.1.7601.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.7601.26816\", \"versionStartIncluding\": \"6.1.7601.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.2.9200.24569\", \"versionStartIncluding\": \"6.2.9200.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.2.9200.24569\", \"versionStartIncluding\": \"6.2.9200.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.3.9600.21668\", \"versionStartIncluding\": \"6.3.9600.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.3.9600.21668\", \"versionStartIncluding\": \"6.3.9600.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2025-10-08T23:59:33.437Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-36424\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-14T03:55:25.577Z\", \"dateReserved\": \"2023-06-21T15:14:27.785Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2023-11-14T17:57:08.919Z\", \"assignerShortName\": \"microsoft\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2023-AVI-0944
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données, une élévation de privilèges, un contournement de la fonctionnalité de sécurité, une exécution de code à distance et une usurpation d'identité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Windows Server 2022 | ||
| Microsoft | Windows | Windows Server 2012 | ||
| Microsoft | Windows | Windows 10 pour systèmes x64 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2019 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2019 | ||
| Microsoft | Windows | Windows Server 2012 R2 | ||
| Microsoft | Windows | Windows Server 2022 (Server Core installation) | ||
| Microsoft | Windows | Windows Defender Antimalware Platform | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 11 version 21H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2016 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows 11 version 21H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2012 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2022, 23H2 Edition (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2016 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes x64 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows Server 2022",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Defender Antimalware Platform",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-36428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36428"
},
{
"name": "CVE-2023-36400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36400"
},
{
"name": "CVE-2023-36395",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36395"
},
{
"name": "CVE-2023-36017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36017"
},
{
"name": "CVE-2023-36047",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36047"
},
{
"name": "CVE-2023-36423",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36423"
},
{
"name": "CVE-2023-36398",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36398"
},
{
"name": "CVE-2023-36394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36394"
},
{
"name": "CVE-2023-36401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36401"
},
{
"name": "CVE-2023-36028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36028"
},
{
"name": "CVE-2023-36406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36406"
},
{
"name": "CVE-2023-36036",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36036"
},
{
"name": "CVE-2023-36397",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36397"
},
{
"name": "CVE-2023-36405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36405"
},
{
"name": "CVE-2023-36407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36407"
},
{
"name": "CVE-2023-36403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36403"
},
{
"name": "CVE-2023-36427",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36427"
},
{
"name": "CVE-2023-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36408"
},
{
"name": "CVE-2023-36396",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36396"
},
{
"name": "CVE-2023-36424",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36424"
},
{
"name": "CVE-2023-36025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36025"
},
{
"name": "CVE-2023-36425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36425"
},
{
"name": "CVE-2023-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36033"
},
{
"name": "CVE-2023-36046",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36046"
},
{
"name": "CVE-2023-36392",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36392"
},
{
"name": "CVE-2023-24023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
},
{
"name": "CVE-2023-36399",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36399"
},
{
"name": "CVE-2023-36404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36404"
},
{
"name": "CVE-2023-36422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36422"
},
{
"name": "CVE-2023-36393",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36393"
},
{
"name": "CVE-2023-36719",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36719"
},
{
"name": "CVE-2023-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36402"
},
{
"name": "CVE-2023-36705",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36705"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36407 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36407"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36396 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36396"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36401 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36401"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36402 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36402"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36394 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36394"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36405 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36405"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36025 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36025"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36428 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36428"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36047 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36047"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36036 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36036"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24023 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24023"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36393 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36393"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36399 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36399"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36017 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36017"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36425 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36425"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36424 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36392 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36392"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36397 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36397"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36400 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36400"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36403 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36403"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36705 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36705"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36395 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36395"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36046 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36046"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36033 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36033"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36404 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36404"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36406 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36406"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36719 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36719"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36028 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36028"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36423 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36423"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36427 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36427"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36408 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36408"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36422 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36398 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36398"
}
],
"reference": "CERTFR-2023-AVI-0944",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Usurpation d\u0027identit\u00e9"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer un d\u00e9ni de service, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es, une \u00e9l\u00e9vation de privil\u00e8ges, un contournement de la\nfonctionnalit\u00e9 de s\u00e9curit\u00e9, une ex\u00e9cution de code \u00e0 distance et une\nusurpation d\u0027identit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/"
}
]
}
CERTFR-2023-AVI-0944
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données, une élévation de privilèges, un contournement de la fonctionnalité de sécurité, une exécution de code à distance et une usurpation d'identité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Windows Server 2022 | ||
| Microsoft | Windows | Windows Server 2012 | ||
| Microsoft | Windows | Windows 10 pour systèmes x64 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2019 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2019 | ||
| Microsoft | Windows | Windows Server 2012 R2 | ||
| Microsoft | Windows | Windows Server 2022 (Server Core installation) | ||
| Microsoft | Windows | Windows Defender Antimalware Platform | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 11 version 21H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2016 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows 11 version 21H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 11 Version 23H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2012 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 21H2 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows Server 2022, 23H2 Edition (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2016 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 22H2 pour systèmes ARM64 | ||
| Microsoft | Windows | Windows 11 Version 22H2 pour systèmes x64 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows Server 2022",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Defender Antimalware Platform",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 21H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 22H2 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-36428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36428"
},
{
"name": "CVE-2023-36400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36400"
},
{
"name": "CVE-2023-36395",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36395"
},
{
"name": "CVE-2023-36017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36017"
},
{
"name": "CVE-2023-36047",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36047"
},
{
"name": "CVE-2023-36423",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36423"
},
{
"name": "CVE-2023-36398",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36398"
},
{
"name": "CVE-2023-36394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36394"
},
{
"name": "CVE-2023-36401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36401"
},
{
"name": "CVE-2023-36028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36028"
},
{
"name": "CVE-2023-36406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36406"
},
{
"name": "CVE-2023-36036",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36036"
},
{
"name": "CVE-2023-36397",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36397"
},
{
"name": "CVE-2023-36405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36405"
},
{
"name": "CVE-2023-36407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36407"
},
{
"name": "CVE-2023-36403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36403"
},
{
"name": "CVE-2023-36427",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36427"
},
{
"name": "CVE-2023-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36408"
},
{
"name": "CVE-2023-36396",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36396"
},
{
"name": "CVE-2023-36424",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36424"
},
{
"name": "CVE-2023-36025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36025"
},
{
"name": "CVE-2023-36425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36425"
},
{
"name": "CVE-2023-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36033"
},
{
"name": "CVE-2023-36046",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36046"
},
{
"name": "CVE-2023-36392",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36392"
},
{
"name": "CVE-2023-24023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
},
{
"name": "CVE-2023-36399",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36399"
},
{
"name": "CVE-2023-36404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36404"
},
{
"name": "CVE-2023-36422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36422"
},
{
"name": "CVE-2023-36393",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36393"
},
{
"name": "CVE-2023-36719",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36719"
},
{
"name": "CVE-2023-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36402"
},
{
"name": "CVE-2023-36705",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36705"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36407 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36407"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36396 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36396"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36401 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36401"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36402 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36402"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36394 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36394"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36405 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36405"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36025 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36025"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36428 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36428"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36047 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36047"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36036 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36036"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-24023 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24023"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36393 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36393"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36399 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36399"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36017 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36017"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36425 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36425"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36424 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36392 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36392"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36397 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36397"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36400 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36400"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36403 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36403"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36705 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36705"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36395 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36395"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36046 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36046"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36033 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36033"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36404 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36404"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36406 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36406"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36719 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36719"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36028 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36028"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36423 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36423"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36427 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36427"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36408 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36408"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36422 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36398 du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36398"
}
],
"reference": "CERTFR-2023-AVI-0944",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Usurpation d\u0027identit\u00e9"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer un d\u00e9ni de service, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es, une \u00e9l\u00e9vation de privil\u00e8ges, un contournement de la\nfonctionnalit\u00e9 de s\u00e9curit\u00e9, une ex\u00e9cution de code \u00e0 distance et une\nusurpation d\u0027identit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 14 novembre 2023",
"url": "https://msrc.microsoft.com/update-guide/"
}
]
}
BDU:2023-08241
Vulnerability from fstec - Published: 14.11.2023
VLAI
Title
Уязвимость драйвера файловой системы общего журнала операционной системы Windows, позволяющая нарушителю повысить свои привилегии
Description
Уязвимость драйвера файловой системы общего журнала операционной системы Windows связана с недостатками контроля доступа. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии
Severity
Vendor
Microsoft Corp
Software Name
Windows Server 2012, Windows Server 2012 R2, Windows Server 2008 R2 Service Pack 1, Windows 10, Windows Server 2008 R2 Service Pack 2, Windows 10 1607, Windows Server 2016, Windows Server 2012 R2 (Server Core installation), Windows Server 2016 (Server Core installation), Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows 10 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2008 R2 Service Pack 2 (Server Core installation), Windows Server 2022, Windows Server 2022 (Server Core installation), Windows 10 21H2, Windows 11 22H2, Windows 10 22H2, Windows 11 21H2, Windows Server 2012 (Server Core installation), Windows 11 23H2, Windows Server 2022, 23H2 Edition (Server Core installation)
Software Version
- (Windows Server 2012), - (Windows Server 2012 R2), - (Windows Server 2008 R2 Service Pack 1), - (Windows 10), - (Windows Server 2008 R2 Service Pack 2), - (Windows 10 1607), - (Windows Server 2016), - (Windows Server 2012 R2 (Server Core installation)), - (Windows Server 2016 (Server Core installation)), - (Windows Server 2008 R2 Service Pack 1 (Server Core installation)), - (Windows 10 1809), - (Windows Server 2019), - (Windows Server 2019 (Server Core installation)), - (Windows Server 2008 R2 Service Pack 2 (Server Core installation)), - (Windows Server 2022), - (Windows Server 2022 (Server Core installation)), - (Windows 10 21H2), - (Windows 11 22H2), - (Windows 10 22H2), - (Windows 11 21H2), - (Windows Server 2012 (Server Core installation)), - (Windows 11 23H2), - (Windows Server 2022, 23H2 Edition (Server Core installation))
Possible Mitigations
Использование рекомендаций:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424
Reference
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424
https://github.com/MzHmO/Exploit-Street/tree/main/2023/CVE-2023-36424
CWE
CWE-284
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Microsoft Corp",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Windows Server 2012), - (Windows Server 2012 R2), - (Windows Server 2008 R2 Service Pack 1), - (Windows 10), - (Windows Server 2008 R2 Service Pack 2), - (Windows 10 1607), - (Windows Server 2016), - (Windows Server 2012 R2 (Server Core installation)), - (Windows Server 2016 (Server Core installation)), - (Windows Server 2008 R2 Service Pack 1 (Server Core installation)), - (Windows 10 1809), - (Windows Server 2019), - (Windows Server 2019 (Server Core installation)), - (Windows Server 2008 R2 Service Pack 2 (Server Core installation)), - (Windows Server 2022), - (Windows Server 2022 (Server Core installation)), - (Windows 10 21H2), - (Windows 11 22H2), - (Windows 10 22H2), - (Windows 11 21H2), - (Windows Server 2012 (Server Core installation)), - (Windows 11 23H2), - (Windows Server 2022, 23H2 Edition (Server Core installation))",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.11.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "12.12.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "29.11.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-08241",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-36424",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Windows Server 2012, Windows Server 2012 R2, Windows Server 2008 R2 Service Pack 1, Windows 10, Windows Server 2008 R2 Service Pack 2, Windows 10 1607, Windows Server 2016, Windows Server 2012 R2 (Server Core installation), Windows Server 2016 (Server Core installation), Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows 10 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2008 R2 Service Pack 2 (Server Core installation), Windows Server 2022, Windows Server 2022 (Server Core installation), Windows 10 21H2, Windows 11 22H2, Windows 10 22H2, Windows 11 21H2, Windows Server 2012 (Server Core installation), Windows 11 23H2, Windows Server 2022, 23H2 Edition (Server Core installation)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Microsoft Corp Windows Server 2012 - , Microsoft Corp Windows Server 2012 R2 - , Microsoft Corp Windows Server 2008 R2 Service Pack 1 - 64-bit, Microsoft Corp Windows 10 - 64-bit, Microsoft Corp Windows 10 - 32-bit, Microsoft Corp Windows Server 2008 R2 Service Pack 2 - 32-bit, Microsoft Corp Windows Server 2008 R2 Service Pack 2 - 64-bit, Microsoft Corp Windows 10 1607 - 64-bit, Microsoft Corp Windows 10 1607 - 32-bit, Microsoft Corp Windows Server 2016 - , Microsoft Corp Windows Server 2012 R2 (Server Core installation) - , Microsoft Corp Windows Server 2016 (Server Core installation) - , Microsoft Corp Windows Server 2008 R2 Service Pack 1 (Server Core installation) - 64-bit, Microsoft Corp Windows 10 1809 - 64-bit, Microsoft Corp Windows 10 1809 - 32-bit, Microsoft Corp Windows Server 2019 - , Microsoft Corp Windows Server 2019 (Server Core installation) - , Microsoft Corp Windows 10 1809 - ARM64, Microsoft Corp Windows Server 2008 R2 Service Pack 2 (Server Core installation) - 64-bit, Microsoft Corp Windows Server 2022 - , Microsoft Corp Windows Server 2022 (Server Core installation) - , Microsoft Corp Windows 10 21H2 - 64-bit, Microsoft Corp Windows 10 21H2 - 32-bit, Microsoft Corp Windows 10 21H2 - ARM64, Microsoft Corp Windows 11 22H2 - 64-bit, Microsoft Corp Windows 11 22H2 - ARM64, Microsoft Corp Windows 10 22H2 - 64-bit, Microsoft Corp Windows 10 22H2 - ARM64, Microsoft Corp Windows 10 22H2 - 32-bit, Microsoft Corp Windows 11 21H2 - 64-bit, Microsoft Corp Windows 11 21H2 - ARM64, Microsoft Corp Windows Server 2008 R2 Service Pack 2 (Server Core installation) - 32-bit, Microsoft Corp Windows Server 2012 (Server Core installation) - , Microsoft Corp Windows 11 23H2 - 64-bit, Microsoft Corp Windows 11 23H2 - ARM64, Microsoft Corp Windows Server 2022, 23H2 Edition (Server Core installation) - ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u0449\u0435\u0433\u043e \u0436\u0443\u0440\u043d\u0430\u043b\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (CWE-284)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u0449\u0435\u0433\u043e \u0436\u0443\u0440\u043d\u0430\u043b\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424\nhttps://github.com/MzHmO/Exploit-Street/tree/main/2023/CVE-2023-36424",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-284",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}
FKIE_CVE-2023-36424
Vulnerability from fkie_nvd - Published: 2023-11-14 18:15 - Updated: 2026-04-14 14:44
Severity
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Windows Common Log File System Driver Elevation of Privilege Vulnerability
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424 | Patch, Vendor Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36424 | US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_10_1507 | * | |
| microsoft | windows_10_1507 | * | |
| microsoft | windows_10_1607 | * | |
| microsoft | windows_10_1607 | * | |
| microsoft | windows_10_1809 | * | |
| microsoft | windows_10_1809 | * | |
| microsoft | windows_10_1809 | * | |
| microsoft | windows_10_21h2 | * | |
| microsoft | windows_10_22h2 | * | |
| microsoft | windows_11_21h2 | * | |
| microsoft | windows_11_22h2 | * | |
| microsoft | windows_11_23h2 | * | |
| microsoft | windows_server_2008 | - | |
| microsoft | windows_server_2008 | - | |
| microsoft | windows_server_2008 | r2 | |
| microsoft | windows_server_2012 | - | |
| microsoft | windows_server_2012 | r2 | |
| microsoft | windows_server_2016 | * | |
| microsoft | windows_server_2019 | * | |
| microsoft | windows_server_2022 | * | |
| microsoft | windows_server_2022_23h2 | * |
{
"cisaActionDue": "2026-04-27",
"cisaExploitAdd": "2026-04-13",
"cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Microsoft Windows Out-of-Bounds Read Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "81F826F9-C8B6-4D68-8936-96D2B4AC253F",
"versionEndExcluding": "10.0.10240.20308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "4BE302B4-747A-457D-B0EE-357CC3191C1B",
"versionEndExcluding": "10.0.10240.20308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "4C3EB2B6-8A7D-48D0-8FBD-EDD32A02B0A8",
"versionEndExcluding": "10.0.14393.6452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "1A36FFD9-2FFD-491F-9CB6-80DE6544A735",
"versionEndExcluding": "10.0.14393.6452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "4F018A9A-D2BC-4EB0-BC64-B92DC4EF68DF",
"versionEndExcluding": "10.0.17763.5122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "455A430D-8451-4B60-8496-E0A0CE27EDE3",
"versionEndExcluding": "10.0.17763.5122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "395069C3-88A4-493F-9437-23BFC54EA6EE",
"versionEndExcluding": "10.0.17763.5122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3286F3A-3F82-4433-AC77-F4907D3B1650",
"versionEndExcluding": "10.0.19044.3693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85ABCA53-40C8-452B-8D2F-7AAF3624DCD4",
"versionEndExcluding": "10.0.19045.3693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BCCEFB5-50CD-4D8A-B4A8-16B357367487",
"versionEndExcluding": "10.0.22000.2600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "656DB244-CD92-4288-A4CD-76ED0492D65C",
"versionEndExcluding": "10.0.22621.2715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC26CE6D-0DFD-4642-A806-2A312888A451",
"versionEndExcluding": "10.0.22631.2715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62033B83-CCC2-4FE3-91CB-213741FC682A",
"versionEndExcluding": "10.0.14393.6452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "940B3D77-2D2E-41F3-8450-27AF8BB17F18",
"versionEndExcluding": "10.0.17763.5122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "492944B8-0555-4A6F-9F31-B43D0DAC4CB1",
"versionEndExcluding": "10.0.20348.2091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F942D380-5BD6-4262-A013-89EBFE23C27A",
"versionEndExcluding": "10.0.25398.531",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Windows Common Log File System Driver Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios del controlador del sistema de archivos de registro com\u00fan de Windows."
}
],
"id": "CVE-2023-36424",
"lastModified": "2026-04-14T14:44:43.473",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-14T18:15:45.990",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36424"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
}
GHSA-5WF7-VWPM-XXWX
Vulnerability from github – Published: 2023-11-14 18:30 – Updated: 2026-04-13 18:30
VLAI
Details
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Severity
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2023-36424"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-14T18:15:45Z",
"severity": "HIGH"
},
"details": "Windows Common Log File System Driver Elevation of Privilege Vulnerability",
"id": "GHSA-5wf7-vwpm-xxwx",
"modified": "2026-04-13T18:30:34Z",
"published": "2023-11-14T18:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36424"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36424"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2023-36424
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-36424",
"id": "GSD-2023-36424"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-36424"
],
"details": "Windows Common Log File System Driver Elevation of Privilege Vulnerability",
"id": "GSD-2023-36424",
"modified": "2023-12-13T01:20:34.600526Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2023-36424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows 11 version 22H3",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.22631.2715"
}
]
}
},
{
"product_name": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.25398.531"
}
]
}
},
{
"product_name": "Windows 11 Version 23H2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.22631.2715"
}
]
}
},
{
"product_name": "Windows 10 Version 1809",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.17763.5122"
}
]
}
},
{
"product_name": "Windows Server 2019",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.17763.5122"
}
]
}
},
{
"product_name": "Windows Server 2019 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.17763.5122"
}
]
}
},
{
"product_name": "Windows Server 2022",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.20348.2113"
}
]
}
},
{
"product_name": "Windows 11 version 21H2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.22000.2600"
}
]
}
},
{
"product_name": "Windows 10 Version 21H2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.19043.3693"
}
]
}
},
{
"product_name": "Windows 11 version 22H2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.22621.2715"
}
]
}
},
{
"product_name": "Windows 10 Version 22H2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.19045.3693"
}
]
}
},
{
"product_name": "Windows 10 Version 1507",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.10240.20308"
}
]
}
},
{
"product_name": "Windows 10 Version 1607",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.14393.6452"
}
]
}
},
{
"product_name": "Windows Server 2016",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.14393.6452"
}
]
}
},
{
"product_name": "Windows Server 2016 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.14393.6452"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.0.0",
"version_value": "6.0.6003.22367"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.0.0",
"version_value": "6.0.6003.22367"
}
]
}
},
{
"product_name": "Windows Server 2008 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.0.0",
"version_value": "6.0.6003.22367"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.1.0",
"version_value": "6.1.7601.26816"
}
]
}
},
{
"product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.0.0",
"version_value": "6.1.7601.26816"
}
]
}
},
{
"product_name": "Windows Server 2012",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.2.0",
"version_value": "6.2.9200.24569"
}
]
}
},
{
"product_name": "Windows Server 2012 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.2.0",
"version_value": "6.2.9200.24569"
}
]
}
},
{
"product_name": "Windows Server 2012 R2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.3.0",
"version_value": "6.3.9600.21668"
}
]
}
},
{
"product_name": "Windows Server 2012 R2 (Server Core installation)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.3.0",
"version_value": "6.3.9600.21668"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Windows Common Log File System Driver Elevation of Privilege Vulnerability"
}
]
},
"impact": {
"cvss": [
{
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424",
"refsource": "MISC",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "81F826F9-C8B6-4D68-8936-96D2B4AC253F",
"versionEndExcluding": "10.0.10240.20308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "4BE302B4-747A-457D-B0EE-357CC3191C1B",
"versionEndExcluding": "10.0.10240.20308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "4C3EB2B6-8A7D-48D0-8FBD-EDD32A02B0A8",
"versionEndExcluding": "10.0.14393.6452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "1A36FFD9-2FFD-491F-9CB6-80DE6544A735",
"versionEndExcluding": "10.0.14393.6452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "4F018A9A-D2BC-4EB0-BC64-B92DC4EF68DF",
"versionEndExcluding": "10.0.17763.5122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "455A430D-8451-4B60-8496-E0A0CE27EDE3",
"versionEndExcluding": "10.0.17763.5122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "395069C3-88A4-493F-9437-23BFC54EA6EE",
"versionEndExcluding": "10.0.17763.5122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76D06BFE-474B-4A10-9E9E-9D88DDCD2764",
"versionEndExcluding": "10.0.19041.3693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85ABCA53-40C8-452B-8D2F-7AAF3624DCD4",
"versionEndExcluding": "10.0.19045.3693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BCCEFB5-50CD-4D8A-B4A8-16B357367487",
"versionEndExcluding": "10.0.22000.2600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "656DB244-CD92-4288-A4CD-76ED0492D65C",
"versionEndExcluding": "10.0.22621.2715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC26CE6D-0DFD-4642-A806-2A312888A451",
"versionEndExcluding": "10.0.22631.2715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F942D380-5BD6-4262-A013-89EBFE23C27A",
"versionEndExcluding": "10.0.25398.531",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Windows Common Log File System Driver Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios del controlador del sistema de archivos de registro com\u00fan de Windows."
}
],
"id": "CVE-2023-36424",
"lastModified": "2023-12-15T19:55:29.947",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
},
"published": "2023-11-14T18:15:45.990",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
MSRC_CVE-2023-36424
Vulnerability from csaf_microsoft - Published: 2023-11-14 08:00 - Updated: 2023-11-14 08:00Summary
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Severity
Important
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Customer Action: Required. The vulnerability documented by this CVE requires customer action to resolve.
CWE-125
- Out-of-bounds Read
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Windows Server 2008 for 32-bit Systems Service Pack 2 6.0.6003.22367
Windows Server 2008 for 32-bit Systems Service Pack 2
|
6.0.6003.22367 | ||
|
Windows Server 2008 for x64-based Systems Service Pack 2 6.0.6003.22367
Windows Server 2008 for x64-based Systems Service Pack 2
|
6.0.6003.22367 | ||
|
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 6.0.6003.22367
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
|
6.0.6003.22367 | ||
|
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 6.1.7601.26816
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
|
6.1.7601.26816 | ||
|
Windows Server 2008 R2 for x64-based Systems Service Pack 1 6.1.7601.26816
Windows Server 2008 R2 for x64-based Systems Service Pack 1
|
6.1.7601.26816 | ||
|
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 6.0.6003.22367
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
|
6.0.6003.22367 | ||
|
Windows Server 2012 6.2.9200.24569
Windows Server 2012
|
6.2.9200.24569 | ||
|
Windows Server 2012 (Server Core installation) 6.2.9200.24569
Windows Server 2012 (Server Core installation)
|
6.2.9200.24569 | ||
|
Windows Server 2012 R2 6.3.9600.21668
Windows Server 2012 R2
|
6.3.9600.21668 | ||
|
Windows Server 2012 R2 (Server Core installation) 6.3.9600.21668
Windows Server 2012 R2 (Server Core installation)
|
6.3.9600.21668 | ||
|
Windows 10 for 32-bit Systems 10.0.10240.20308
Windows 10 for 32-bit Systems
|
10.0.10240.20308 | ||
|
Windows 10 for x64-based Systems 10.0.10240.20308
Windows 10 for x64-based Systems
|
10.0.10240.20308 | ||
|
Windows Server 2016 10.0.14393.6452
Windows Server 2016
|
10.0.14393.6452 | ||
|
Windows 10 Version 1607 for 32-bit Systems 10.0.14393.6452
Windows 10 Version 1607 for 32-bit Systems
|
10.0.14393.6452 | ||
|
Windows 10 Version 1607 for x64-based Systems 10.0.14393.6452
Windows 10 Version 1607 for x64-based Systems
|
10.0.14393.6452 | ||
|
Windows Server 2016 (Server Core installation) 10.0.14393.6452
Windows Server 2016 (Server Core installation)
|
10.0.14393.6452 | ||
|
Windows 10 Version 1809 for 32-bit Systems 10.0.17763.5122
Windows 10 Version 1809 for 32-bit Systems
|
10.0.17763.5122 | ||
|
Windows 10 Version 1809 for x64-based Systems 10.0.17763.5122
Windows 10 Version 1809 for x64-based Systems
|
10.0.17763.5122 | ||
|
Windows 10 Version 1809 for ARM64-based Systems 10.0.17763.5122
Windows 10 Version 1809 for ARM64-based Systems
|
10.0.17763.5122 | ||
|
Windows Server 2019 10.0.17763.5122
Windows Server 2019
|
10.0.17763.5122 | ||
|
Windows Server 2019 (Server Core installation) 10.0.17763.5122
Windows Server 2019 (Server Core installation)
|
10.0.17763.5122 | ||
|
Windows Server 2022 10.0.20348.2113
Windows Server 2022
|
10.0.20348.2113 | ||
|
Windows Server 2022 (Server Core installation) 10.0.20348.2113
Windows Server 2022 (Server Core installation)
|
10.0.20348.2113 | ||
|
Windows 11 version 21H2 for x64-based Systems 10.0.22000.2600
Windows 11 version 21H2 for x64-based Systems
|
10.0.22000.2600 | ||
|
Windows 11 version 21H2 for ARM64-based Systems 10.0.22000.2600
Windows 11 version 21H2 for ARM64-based Systems
|
10.0.22000.2600 | ||
|
Windows 10 Version 21H2 for 32-bit Systems 10.0.19043.3693
Windows 10 Version 21H2 for 32-bit Systems
|
10.0.19043.3693 | ||
|
Windows 10 Version 21H2 for ARM64-based Systems 10.0.19043.3693
Windows 10 Version 21H2 for ARM64-based Systems
|
10.0.19043.3693 | ||
|
Windows 10 Version 21H2 for x64-based Systems 10.0.19043.3693
Windows 10 Version 21H2 for x64-based Systems
|
10.0.19043.3693 | ||
|
Windows 11 Version 22H2 for ARM64-based Systems 10.0.22621.2715
Windows 11 Version 22H2 for ARM64-based Systems
|
10.0.22621.2715 | ||
|
Windows 11 Version 22H2 for x64-based Systems 10.0.22621.2715
Windows 11 Version 22H2 for x64-based Systems
|
10.0.22621.2715 | ||
|
Windows 10 Version 22H2 for x64-based Systems 10.0.19045.3693
Windows 10 Version 22H2 for x64-based Systems
|
10.0.19045.3693 | ||
|
Windows 10 Version 22H2 for ARM64-based Systems 10.0.19045.3693
Windows 10 Version 22H2 for ARM64-based Systems
|
10.0.19045.3693 | ||
|
Windows 10 Version 22H2 for 32-bit Systems 10.0.19045.3693
Windows 10 Version 22H2 for 32-bit Systems
|
10.0.19045.3693 | ||
|
Windows 11 Version 23H2 for ARM64-based Systems 10.0.22631.2715
Windows 11 Version 23H2 for ARM64-based Systems
|
10.0.22631.2715 | ||
|
Windows 11 Version 23H2 for x64-based Systems 10.0.22631.2715
Windows 11 Version 23H2 for x64-based Systems
|
10.0.22631.2715 | ||
|
Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.531
Windows Server 2022, 23H2 Edition (Server Core installation)
|
10.0.25398.531 |
Known affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Windows Server 2022, 23H2 Edition (Server Core installation) <10.0.25398.531
Windows Server 2022, 23H2 Edition (Server Core installation)
|
<10.0.25398.531 |
Vendor Fix
fix
|
|
|
Windows 11 Version 23H2 for x64-based Systems <10.0.22631.2715
Windows 11 Version 23H2 for x64-based Systems
|
<10.0.22631.2715 |
Vendor Fix
fix
|
|
|
Windows 11 Version 23H2 for ARM64-based Systems <10.0.22631.2715
Windows 11 Version 23H2 for ARM64-based Systems
|
<10.0.22631.2715 |
Vendor Fix
fix
|
|
|
Windows 10 Version 22H2 for 32-bit Systems <10.0.19045.3693
Windows 10 Version 22H2 for 32-bit Systems
|
<10.0.19045.3693 |
Vendor Fix
fix
|
|
|
Windows 10 Version 22H2 for ARM64-based Systems <10.0.19045.3693
Windows 10 Version 22H2 for ARM64-based Systems
|
<10.0.19045.3693 |
Vendor Fix
fix
|
|
|
Windows 10 Version 22H2 for x64-based Systems <10.0.19045.3693
Windows 10 Version 22H2 for x64-based Systems
|
<10.0.19045.3693 |
Vendor Fix
fix
|
|
|
Windows 11 Version 22H2 for x64-based Systems <10.0.22621.2715
Windows 11 Version 22H2 for x64-based Systems
|
<10.0.22621.2715 |
Vendor Fix
fix
|
|
|
Windows 11 Version 22H2 for ARM64-based Systems <10.0.22621.2715
Windows 11 Version 22H2 for ARM64-based Systems
|
<10.0.22621.2715 |
Vendor Fix
fix
|
|
|
Windows 10 Version 21H2 for x64-based Systems <10.0.19043.3693
Windows 10 Version 21H2 for x64-based Systems
|
<10.0.19043.3693 |
Vendor Fix
fix
|
|
|
Windows 10 Version 21H2 for ARM64-based Systems <10.0.19043.3693
Windows 10 Version 21H2 for ARM64-based Systems
|
<10.0.19043.3693 |
Vendor Fix
fix
|
|
|
Windows 10 Version 21H2 for 32-bit Systems <10.0.19043.3693
Windows 10 Version 21H2 for 32-bit Systems
|
<10.0.19043.3693 |
Vendor Fix
fix
|
|
|
Windows 11 version 21H2 for ARM64-based Systems <10.0.22000.2600
Windows 11 version 21H2 for ARM64-based Systems
|
<10.0.22000.2600 |
Vendor Fix
fix
|
|
|
Windows 11 version 21H2 for x64-based Systems <10.0.22000.2600
Windows 11 version 21H2 for x64-based Systems
|
<10.0.22000.2600 |
Vendor Fix
fix
|
|
|
Windows Server 2022 (Server Core installation) <10.0.20348.2113
Windows Server 2022 (Server Core installation)
|
<10.0.20348.2113 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2022 <10.0.20348.2113
Windows Server 2022
|
<10.0.20348.2113 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2019 (Server Core installation) <10.0.17763.5122
Windows Server 2019 (Server Core installation)
|
<10.0.17763.5122 |
Vendor Fix
fix
|
|
|
Windows Server 2019 <10.0.17763.5122
Windows Server 2019
|
<10.0.17763.5122 |
Vendor Fix
fix
|
|
|
Windows 10 Version 1809 for ARM64-based Systems <10.0.17763.5122
Windows 10 Version 1809 for ARM64-based Systems
|
<10.0.17763.5122 |
Vendor Fix
fix
|
|
|
Windows 10 Version 1809 for x64-based Systems <10.0.17763.5122
Windows 10 Version 1809 for x64-based Systems
|
<10.0.17763.5122 |
Vendor Fix
fix
|
|
|
Windows 10 Version 1809 for 32-bit Systems <10.0.17763.5122
Windows 10 Version 1809 for 32-bit Systems
|
<10.0.17763.5122 |
Vendor Fix
fix
|
|
|
Windows Server 2016 (Server Core installation) <10.0.14393.6452
Windows Server 2016 (Server Core installation)
|
<10.0.14393.6452 |
Vendor Fix
fix
|
|
|
Windows 10 Version 1607 for x64-based Systems <10.0.14393.6452
Windows 10 Version 1607 for x64-based Systems
|
<10.0.14393.6452 |
Vendor Fix
fix
|
|
|
Windows 10 Version 1607 for 32-bit Systems <10.0.14393.6452
Windows 10 Version 1607 for 32-bit Systems
|
<10.0.14393.6452 |
Vendor Fix
fix
|
|
|
Windows Server 2016 <10.0.14393.6452
Windows Server 2016
|
<10.0.14393.6452 |
Vendor Fix
fix
|
|
|
Windows 10 for x64-based Systems <10.0.10240.20308
Windows 10 for x64-based Systems
|
<10.0.10240.20308 |
Vendor Fix
fix
|
|
|
Windows 10 for 32-bit Systems <10.0.10240.20308
Windows 10 for 32-bit Systems
|
<10.0.10240.20308 |
Vendor Fix
fix
|
|
|
Windows Server 2012 R2 (Server Core installation) <6.3.9600.21668
Windows Server 2012 R2 (Server Core installation)
|
<6.3.9600.21668 |
Vendor Fix
fix
|
|
|
Windows Server 2012 R2 <6.3.9600.21668
Windows Server 2012 R2
|
<6.3.9600.21668 |
Vendor Fix
fix
|
|
|
Windows Server 2012 (Server Core installation) <6.2.9200.24569
Windows Server 2012 (Server Core installation)
|
<6.2.9200.24569 |
Vendor Fix
fix
|
|
|
Windows Server 2012 <6.2.9200.24569
Windows Server 2012
|
<6.2.9200.24569 |
Vendor Fix
fix
|
|
|
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) <6.0.6003.22367
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
|
<6.0.6003.22367 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2008 R2 for x64-based Systems Service Pack 1 <6.1.7601.26816
Windows Server 2008 R2 for x64-based Systems Service Pack 1
|
<6.1.7601.26816 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) <6.1.7601.26816
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
|
<6.1.7601.26816 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) <6.0.6003.22367
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
|
<6.0.6003.22367 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2008 for x64-based Systems Service Pack 2 <6.0.6003.22367
Windows Server 2008 for x64-based Systems Service Pack 2
|
<6.0.6003.22367 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2008 for 32-bit Systems Service Pack 2 <6.0.6003.22367
Windows Server 2008 for 32-bit Systems Service Pack 2
|
<6.0.6003.22367 |
Vendor Fix
fix
Vendor Fix
fix
|
Threats
Impact
Elevation of Privilege
Exploit Status
Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely
References
7 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | self |
| https://msrc.microsoft.com/csaf/advisories/2023/m… | self |
| https://www.microsoft.com/en-us/msrc/exploitabili… | external |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/update-guide/vulnerabi… | self |
| https://msrc.microsoft.com/csaf/advisories/2023/m… | self |
Acknowledgments
<a href="https://twitter.com/securiteam_ssd">Anonymous</a> with <a href="https://ssd-disclosure.com/">SSD Secure Disclosure</a>
{
"document": {
"acknowledgments": [
{
"names": [
"\u003ca href=\"https://twitter.com/securiteam_ssd\"\u003eAnonymous\u003c/a\u003e with \u003ca href=\"https://ssd-disclosure.com/\"\u003eSSD Secure Disclosure\u003c/a\u003e"
]
}
],
"aggregate_severity": {
"namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
},
{
"category": "general",
"text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
"title": "Customer Action"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2023-36424 Windows Common Log File System Driver Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
},
{
"category": "self",
"summary": "CVE-2023-36424 Windows Common Log File System Driver Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2023/msrc_cve-2023-36424.json"
},
{
"category": "external",
"summary": "Microsoft Exploitability Index",
"url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Windows Common Log File System Driver Elevation of Privilege Vulnerability",
"tracking": {
"current_release_date": "2023-11-14T08:00:00.000Z",
"generator": {
"date": "2025-04-29T23:34:11.020Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2023-36424",
"initial_release_date": "2023-11-14T08:00:00.000Z",
"revision_history": [
{
"date": "2023-11-14T08:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22631.2715",
"product": {
"name": "Windows 11 Version 23H2 for ARM64-based Systems \u003c10.0.22631.2715",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "10.0.22631.2715",
"product": {
"name": "Windows 11 Version 23H2 for ARM64-based Systems 10.0.22631.2715",
"product_id": "12242"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.25398.531",
"product": {
"name": "Windows Server 2022, 23H2 Edition (Server Core installation) \u003c10.0.25398.531",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "10.0.25398.531",
"product": {
"name": "Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.531",
"product_id": "12244"
}
}
],
"category": "product_name",
"name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22631.2715",
"product": {
"name": "Windows 11 Version 23H2 for x64-based Systems \u003c10.0.22631.2715",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "10.0.22631.2715",
"product": {
"name": "Windows 11 Version 23H2 for x64-based Systems 10.0.22631.2715",
"product_id": "12243"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.5122",
"product": {
"name": "Windows 10 Version 1809 for 32-bit Systems \u003c10.0.17763.5122",
"product_id": "20"
}
},
{
"category": "product_version",
"name": "10.0.17763.5122",
"product": {
"name": "Windows 10 Version 1809 for 32-bit Systems 10.0.17763.5122",
"product_id": "11568"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.5122",
"product": {
"name": "Windows 10 Version 1809 for x64-based Systems \u003c10.0.17763.5122",
"product_id": "19"
}
},
{
"category": "product_version",
"name": "10.0.17763.5122",
"product": {
"name": "Windows 10 Version 1809 for x64-based Systems 10.0.17763.5122",
"product_id": "11569"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.5122",
"product": {
"name": "Windows 10 Version 1809 for ARM64-based Systems \u003c10.0.17763.5122",
"product_id": "18"
}
},
{
"category": "product_version",
"name": "10.0.17763.5122",
"product": {
"name": "Windows 10 Version 1809 for ARM64-based Systems 10.0.17763.5122",
"product_id": "11570"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.5122",
"product": {
"name": "Windows Server 2019 \u003c10.0.17763.5122",
"product_id": "17"
}
},
{
"category": "product_version",
"name": "10.0.17763.5122",
"product": {
"name": "Windows Server 2019 10.0.17763.5122",
"product_id": "11571"
}
}
],
"category": "product_name",
"name": "Windows Server 2019"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.5122",
"product": {
"name": "Windows Server 2019 (Server Core installation) \u003c10.0.17763.5122",
"product_id": "16"
}
},
{
"category": "product_version",
"name": "10.0.17763.5122",
"product": {
"name": "Windows Server 2019 (Server Core installation) 10.0.17763.5122",
"product_id": "11572"
}
}
],
"category": "product_name",
"name": "Windows Server 2019 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.20348.2113",
"product": {
"name": "Windows Server 2022 \u003c10.0.20348.2113",
"product_id": "15"
}
},
{
"category": "product_version",
"name": "10.0.20348.2113",
"product": {
"name": "Windows Server 2022 10.0.20348.2113",
"product_id": "11923"
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.20348.2113",
"product": {
"name": "Windows Server 2022 (Server Core installation) \u003c10.0.20348.2113",
"product_id": "14"
}
},
{
"category": "product_version",
"name": "10.0.20348.2113",
"product": {
"name": "Windows Server 2022 (Server Core installation) 10.0.20348.2113",
"product_id": "11924"
}
}
],
"category": "product_name",
"name": "Windows Server 2022 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22000.2600",
"product": {
"name": "Windows 11 version 21H2 for x64-based Systems \u003c10.0.22000.2600",
"product_id": "13"
}
},
{
"category": "product_version",
"name": "10.0.22000.2600",
"product": {
"name": "Windows 11 version 21H2 for x64-based Systems 10.0.22000.2600",
"product_id": "11926"
}
}
],
"category": "product_name",
"name": "Windows 11 version 21H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22000.2600",
"product": {
"name": "Windows 11 version 21H2 for ARM64-based Systems \u003c10.0.22000.2600",
"product_id": "12"
}
},
{
"category": "product_version",
"name": "10.0.22000.2600",
"product": {
"name": "Windows 11 version 21H2 for ARM64-based Systems 10.0.22000.2600",
"product_id": "11927"
}
}
],
"category": "product_name",
"name": "Windows 11 version 21H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19043.3693",
"product": {
"name": "Windows 10 Version 21H2 for 32-bit Systems \u003c10.0.19043.3693",
"product_id": "11"
}
},
{
"category": "product_version",
"name": "10.0.19043.3693",
"product": {
"name": "Windows 10 Version 21H2 for 32-bit Systems 10.0.19043.3693",
"product_id": "11929"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19043.3693",
"product": {
"name": "Windows 10 Version 21H2 for ARM64-based Systems \u003c10.0.19043.3693",
"product_id": "10"
}
},
{
"category": "product_version",
"name": "10.0.19043.3693",
"product": {
"name": "Windows 10 Version 21H2 for ARM64-based Systems 10.0.19043.3693",
"product_id": "11930"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19043.3693",
"product": {
"name": "Windows 10 Version 21H2 for x64-based Systems \u003c10.0.19043.3693",
"product_id": "9"
}
},
{
"category": "product_version",
"name": "10.0.19043.3693",
"product": {
"name": "Windows 10 Version 21H2 for x64-based Systems 10.0.19043.3693",
"product_id": "11931"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22621.2715",
"product": {
"name": "Windows 11 Version 22H2 for ARM64-based Systems \u003c10.0.22621.2715",
"product_id": "8"
}
},
{
"category": "product_version",
"name": "10.0.22621.2715",
"product": {
"name": "Windows 11 Version 22H2 for ARM64-based Systems 10.0.22621.2715",
"product_id": "12085"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22621.2715",
"product": {
"name": "Windows 11 Version 22H2 for x64-based Systems \u003c10.0.22621.2715",
"product_id": "7"
}
},
{
"category": "product_version",
"name": "10.0.22621.2715",
"product": {
"name": "Windows 11 Version 22H2 for x64-based Systems 10.0.22621.2715",
"product_id": "12086"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.3693",
"product": {
"name": "Windows 10 Version 22H2 for x64-based Systems \u003c10.0.19045.3693",
"product_id": "6"
}
},
{
"category": "product_version",
"name": "10.0.19045.3693",
"product": {
"name": "Windows 10 Version 22H2 for x64-based Systems 10.0.19045.3693",
"product_id": "12097"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.3693",
"product": {
"name": "Windows 10 Version 22H2 for ARM64-based Systems \u003c10.0.19045.3693",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "10.0.19045.3693",
"product": {
"name": "Windows 10 Version 22H2 for ARM64-based Systems 10.0.19045.3693",
"product_id": "12098"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.3693",
"product": {
"name": "Windows 10 Version 22H2 for 32-bit Systems \u003c10.0.19045.3693",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "10.0.19045.3693",
"product": {
"name": "Windows 10 Version 22H2 for 32-bit Systems 10.0.19045.3693",
"product_id": "12099"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.10240.20308",
"product": {
"name": "Windows 10 for 32-bit Systems \u003c10.0.10240.20308",
"product_id": "26"
}
},
{
"category": "product_version",
"name": "10.0.10240.20308",
"product": {
"name": "Windows 10 for 32-bit Systems 10.0.10240.20308",
"product_id": "10729"
}
}
],
"category": "product_name",
"name": "Windows 10 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.10240.20308",
"product": {
"name": "Windows 10 for x64-based Systems \u003c10.0.10240.20308",
"product_id": "25"
}
},
{
"category": "product_version",
"name": "10.0.10240.20308",
"product": {
"name": "Windows 10 for x64-based Systems 10.0.10240.20308",
"product_id": "10735"
}
}
],
"category": "product_name",
"name": "Windows 10 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.6452",
"product": {
"name": "Windows 10 Version 1607 for 32-bit Systems \u003c10.0.14393.6452",
"product_id": "23"
}
},
{
"category": "product_version",
"name": "10.0.14393.6452",
"product": {
"name": "Windows 10 Version 1607 for 32-bit Systems 10.0.14393.6452",
"product_id": "10852"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.6452",
"product": {
"name": "Windows 10 Version 1607 for x64-based Systems \u003c10.0.14393.6452",
"product_id": "22"
}
},
{
"category": "product_version",
"name": "10.0.14393.6452",
"product": {
"name": "Windows 10 Version 1607 for x64-based Systems 10.0.14393.6452",
"product_id": "10853"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.6452",
"product": {
"name": "Windows Server 2016 \u003c10.0.14393.6452",
"product_id": "24"
}
},
{
"category": "product_version",
"name": "10.0.14393.6452",
"product": {
"name": "Windows Server 2016 10.0.14393.6452",
"product_id": "10816"
}
}
],
"category": "product_name",
"name": "Windows Server 2016"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.6452",
"product": {
"name": "Windows Server 2016 (Server Core installation) \u003c10.0.14393.6452",
"product_id": "21"
}
},
{
"category": "product_version",
"name": "10.0.14393.6452",
"product": {
"name": "Windows Server 2016 (Server Core installation) 10.0.14393.6452",
"product_id": "10855"
}
}
],
"category": "product_name",
"name": "Windows Server 2016 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0.6003.22367",
"product": {
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2 \u003c6.0.6003.22367",
"product_id": "36"
}
},
{
"category": "product_version",
"name": "6.0.6003.22367",
"product": {
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2 6.0.6003.22367",
"product_id": "9312"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0.6003.22367",
"product": {
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \u003c6.0.6003.22367",
"product_id": "31"
}
},
{
"category": "product_version",
"name": "6.0.6003.22367",
"product": {
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 6.0.6003.22367",
"product_id": "10287"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0.6003.22367",
"product": {
"name": "Windows Server 2008 for x64-based Systems Service Pack 2 \u003c6.0.6003.22367",
"product_id": "35"
}
},
{
"category": "product_version",
"name": "6.0.6003.22367",
"product": {
"name": "Windows Server 2008 for x64-based Systems Service Pack 2 6.0.6003.22367",
"product_id": "9318"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for x64-based Systems Service Pack 2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0.6003.22367",
"product": {
"name": "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \u003c6.0.6003.22367",
"product_id": "34"
}
},
{
"category": "product_version",
"name": "6.0.6003.22367",
"product": {
"name": "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 6.0.6003.22367",
"product_id": "9344"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.1.7601.26816",
"product": {
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 \u003c6.1.7601.26816",
"product_id": "32"
}
},
{
"category": "product_version",
"name": "6.1.7601.26816",
"product": {
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 6.1.7601.26816",
"product_id": "10051"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.1.7601.26816",
"product": {
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \u003c6.1.7601.26816",
"product_id": "33"
}
},
{
"category": "product_version",
"name": "6.1.7601.26816",
"product": {
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 6.1.7601.26816",
"product_id": "10049"
}
}
],
"category": "product_name",
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.2.9200.24569",
"product": {
"name": "Windows Server 2012 \u003c6.2.9200.24569",
"product_id": "30"
}
},
{
"category": "product_version",
"name": "6.2.9200.24569",
"product": {
"name": "Windows Server 2012 6.2.9200.24569",
"product_id": "10378"
}
}
],
"category": "product_name",
"name": "Windows Server 2012"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.2.9200.24569",
"product": {
"name": "Windows Server 2012 (Server Core installation) \u003c6.2.9200.24569",
"product_id": "29"
}
},
{
"category": "product_version",
"name": "6.2.9200.24569",
"product": {
"name": "Windows Server 2012 (Server Core installation) 6.2.9200.24569",
"product_id": "10379"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.3.9600.21668",
"product": {
"name": "Windows Server 2012 R2 \u003c6.3.9600.21668",
"product_id": "28"
}
},
{
"category": "product_version",
"name": "6.3.9600.21668",
"product": {
"name": "Windows Server 2012 R2 6.3.9600.21668",
"product_id": "10483"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.3.9600.21668",
"product": {
"name": "Windows Server 2012 R2 (Server Core installation) \u003c6.3.9600.21668",
"product_id": "27"
}
},
{
"category": "product_version",
"name": "6.3.9600.21668",
"product": {
"name": "Windows Server 2012 R2 (Server Core installation) 6.3.9600.21668",
"product_id": "10543"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2 (Server Core installation)"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-36424",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "general",
"text": "Microsoft",
"title": "Assigning CNA"
},
{
"category": "faq",
"text": "An attacker could use this vulnerability to elevate privileges from Medium Integrity Level to a High Integrity Level.",
"title": "What privileges could be gained by an attacker who successfully exploited the vulnerability?"
}
],
"product_status": {
"fixed": [
"9312",
"9318",
"9344",
"10049",
"10051",
"10287",
"10378",
"10379",
"10483",
"10543",
"10729",
"10735",
"10816",
"10852",
"10853",
"10855",
"11568",
"11569",
"11570",
"11571",
"11572",
"11923",
"11924",
"11926",
"11927",
"11929",
"11930",
"11931",
"12085",
"12086",
"12097",
"12098",
"12099",
"12242",
"12243",
"12244"
],
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-36424 Windows Common Log File System Driver Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424"
},
{
"category": "self",
"summary": "CVE-2023-36424 Windows Common Log File System Driver Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2023/msrc_cve-2023-36424.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "10.0.22631.2715:Security Update:https://support.microsoft.com/help/5032190",
"product_ids": [
"3",
"2"
],
"url": "https://support.microsoft.com/help/5032190"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "10.0.25398.531:Security Update:https://support.microsoft.com/help/5032202",
"product_ids": [
"1"
],
"url": "https://support.microsoft.com/help/5032202"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "10.0.17763.5122:Security Update:https://support.microsoft.com/help/5032196",
"product_ids": [
"20",
"19",
"18",
"17",
"16"
],
"url": "https://support.microsoft.com/help/5032196"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "10.0.20348.2113:Security Update:https://support.microsoft.com/help/5032198",
"product_ids": [
"15",
"14"
],
"url": "https://support.microsoft.com/help/5032198"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "10.0.20348.2091:SecurityHotpatchUpdate:https://support.microsoft.com/help/5032304",
"product_ids": [
"15",
"14"
],
"url": "https://support.microsoft.com/help/5032304"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "10.0.22000.2600:Security Update:https://support.microsoft.com/help/5032192",
"product_ids": [
"13",
"12"
],
"url": "https://support.microsoft.com/help/5032192"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "10.0.19043.3693:Security Update:https://support.microsoft.com/help/5032189",
"product_ids": [
"11",
"10",
"9"
],
"url": "https://support.microsoft.com/help/5032189"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "10.0.22621.2715:Security Update:https://support.microsoft.com/help/5032190",
"product_ids": [
"8",
"7"
],
"url": "https://support.microsoft.com/help/5032190"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "10.0.19045.3693:Security Update:https://support.microsoft.com/help/5032189",
"product_ids": [
"6",
"5",
"4"
],
"url": "https://support.microsoft.com/help/5032189"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "10.0.10240.20308:Security Update:https://support.microsoft.com/help/5032199",
"product_ids": [
"26",
"25"
],
"url": "https://support.microsoft.com/help/5032199"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "10.0.14393.6452:Security Update:https://support.microsoft.com/help/5032197",
"product_ids": [
"23",
"22",
"24",
"21"
],
"url": "https://support.microsoft.com/help/5032197"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "6.0.6003.22367:Monthly Rollup:https://support.microsoft.com/help/5032254",
"product_ids": [
"36",
"31",
"35",
"34"
],
"url": "https://support.microsoft.com/help/5032254"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "6.0.6003.22367:Security Only:https://support.microsoft.com/help/5032248",
"product_ids": [
"36",
"31",
"35",
"34"
],
"url": "https://support.microsoft.com/help/5032248"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "6.1.7601.26816:Monthly Rollup:https://support.microsoft.com/help/5032252",
"product_ids": [
"32",
"33"
],
"url": "https://support.microsoft.com/help/5032252"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "6.1.7601.26816:Security Only:https://support.microsoft.com/help/5032250",
"product_ids": [
"32",
"33"
],
"url": "https://support.microsoft.com/help/5032250"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "6.2.9200.24569:Monthly Rollup:https://support.microsoft.com/help/5032247",
"product_ids": [
"30",
"29"
],
"url": "https://support.microsoft.com/help/5032247"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "6.3.9600.21668:Monthly Rollup:https://support.microsoft.com/help/5032249",
"product_ids": [
"28",
"27"
],
"url": "https://support.microsoft.com/help/5032249"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36"
]
}
],
"threats": [
{
"category": "impact",
"details": "Elevation of Privilege"
},
{
"category": "exploit_status",
"details": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely"
}
],
"title": "Windows Common Log File System Driver Elevation of Privilege Vulnerability"
}
]
}
WID-SEC-W-2023-2890
Vulnerability from csaf_certbund - Published: 2023-11-14 23:00 - Updated: 2026-04-13 22:00Summary
Microsoft Windows: Mehrere Schwachstellen
Severity
Kritisch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Windows ist ein Betriebssystem von Microsoft.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in verschiedenen Versionen von Microsoft Windows und Microsoft Windows Server ausnutzen, um seine Privilegien zu erhöhen, um beliebigen Code auszuführen, um Informationen offenzulegen, Sicherheitsmechanismen zu umgehen und um einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme: - Windows
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:::server_core_installation
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation
|
— | |
|
Microsoft Windows Server 2008 R2 SP1
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_r2_sp1
|
2008 R2 SP1 | |
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:server_core_installation
|
— | |
|
Microsoft Windows Server 2008 SP2
Microsoft / Windows Server
|
cpe:/o:microsoft:windows_server:2008_sp2
|
2008 SP2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows 11 version 21H2
Microsoft / Windows 11
|
version 21H2 | ||
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— | |
|
Microsoft Windows 11 Version 22H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_22h2
|
Version 22H2 |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Windows ist ein Betriebssystem von Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in verschiedenen Versionen von Microsoft Windows und Microsoft Windows Server ausnutzen, um seine Privilegien zu erh\u00f6hen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen, Sicherheitsmechanismen zu umgehen und um einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2890 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2890.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2890 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2890"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates vom 2023-11-14",
"url": "https://msrc.microsoft.com/update-guide"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2023-311 vom 2024-02-01",
"url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2023/11.html"
},
{
"category": "external",
"summary": "CISA Known Exploited Vulnerabilities Catalog vom 2026-04-13",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"source_lang": "en-US",
"title": "Microsoft Windows: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-04-13T22:00:00.000+00:00",
"generator": {
"date": "2026-04-14T08:54:18.549+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2023-2890",
"initial_release_date": "2023-11-14T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-11-14T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-01-31T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2026-04-13T22:00:00.000+00:00",
"number": "3",
"summary": "Aktive Ausnutzung gemeldet"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Storage",
"product": {
"name": "Hitachi Storage",
"product_id": "T009295",
"product_identification_helper": {
"cpe": "cpe:/h:hitachi:storage:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Windows 10",
"product": {
"name": "Microsoft Windows 10",
"product_id": "T005617",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:-"
}
}
},
{
"category": "product_version",
"name": "Version 1607",
"product": {
"name": "Microsoft Windows 10 Version 1607",
"product_id": "T011520",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_1607"
}
}
},
{
"category": "product_version",
"name": "Version 1809",
"product": {
"name": "Microsoft Windows 10 Version 1809",
"product_id": "T019780",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_1809"
}
}
},
{
"category": "product_version",
"name": "Version 21H2",
"product": {
"name": "Microsoft Windows 10 Version 21H2",
"product_id": "T021306",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_21h2"
}
}
},
{
"category": "product_version",
"name": "Version 22H2",
"product": {
"name": "Microsoft Windows 10 Version 22H2",
"product_id": "T025256",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_22h2"
}
}
}
],
"category": "product_name",
"name": "Windows 10"
},
{
"branches": [
{
"category": "product_version",
"name": "Version 22H2",
"product": {
"name": "Microsoft Windows 11 Version 22H2",
"product_id": "T024880",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_22h2"
}
}
},
{
"category": "product_version_range",
"name": "version 21H2",
"product": {
"name": "Microsoft Windows 11 version 21H2",
"product_id": "T025777"
}
},
{
"category": "product_version",
"name": "Version 23H2",
"product": {
"name": "Microsoft Windows 11 Version 23H2",
"product_id": "T031172",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_23h2"
}
}
}
],
"category": "product_name",
"name": "Windows 11"
},
{
"branches": [
{
"category": "product_version",
"name": "2008 SP2",
"product": {
"name": "Microsoft Windows Server 2008 SP2",
"product_id": "T012853",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server:2008_sp2"
}
}
},
{
"category": "product_version",
"name": "2008 R2 SP1",
"product": {
"name": "Microsoft Windows Server 2008 R2 SP1",
"product_id": "T012855",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server:2008_r2_sp1"
}
}
}
],
"category": "product_name",
"name": "Windows Server"
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2012",
"product": {
"name": "Microsoft Windows Server 2012",
"product_id": "T006125",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012:::server_core_installation"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2012 R2",
"product": {
"name": "Microsoft Windows Server 2012 R2",
"product_id": "T014786",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012_r2:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2016",
"product": {
"name": "Microsoft Windows Server 2016",
"product_id": "T010224",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2019",
"product": {
"name": "Microsoft Windows Server 2019",
"product_id": "T014557",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2019:server_core_installation"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Windows Server 2022",
"product": {
"name": "Microsoft Windows Server 2022",
"product_id": "T020315",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2022:-"
}
}
},
{
"category": "product_version",
"name": "23H2 Edition",
"product": {
"name": "Microsoft Windows Server 2022 23H2 Edition",
"product_id": "T031173",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2022:23h2_edition"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-24023",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-24023"
},
{
"cve": "CVE-2023-36017",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36017"
},
{
"cve": "CVE-2023-36025",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36025"
},
{
"cve": "CVE-2023-36028",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36028"
},
{
"cve": "CVE-2023-36033",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36033"
},
{
"cve": "CVE-2023-36036",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36036"
},
{
"cve": "CVE-2023-36046",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36046"
},
{
"cve": "CVE-2023-36047",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36047"
},
{
"cve": "CVE-2023-36392",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36392"
},
{
"cve": "CVE-2023-36393",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36393"
},
{
"cve": "CVE-2023-36394",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36394"
},
{
"cve": "CVE-2023-36395",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36395"
},
{
"cve": "CVE-2023-36396",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36396"
},
{
"cve": "CVE-2023-36397",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36397"
},
{
"cve": "CVE-2023-36398",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36398"
},
{
"cve": "CVE-2023-36399",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36399"
},
{
"cve": "CVE-2023-36400",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36400"
},
{
"cve": "CVE-2023-36401",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36401"
},
{
"cve": "CVE-2023-36402",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36402"
},
{
"cve": "CVE-2023-36403",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36403"
},
{
"cve": "CVE-2023-36404",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36404"
},
{
"cve": "CVE-2023-36405",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36405"
},
{
"cve": "CVE-2023-36406",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36406"
},
{
"cve": "CVE-2023-36407",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36407"
},
{
"cve": "CVE-2023-36408",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36408"
},
{
"cve": "CVE-2023-36423",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36423"
},
{
"cve": "CVE-2023-36424",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36424"
},
{
"cve": "CVE-2023-36425",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36425"
},
{
"cve": "CVE-2023-36427",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36427"
},
{
"cve": "CVE-2023-36428",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36428"
},
{
"cve": "CVE-2023-36705",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36705"
},
{
"cve": "CVE-2023-36719",
"product_status": {
"known_affected": [
"T006125",
"T010224",
"T012855",
"T014557",
"T012853",
"T014786",
"T005617",
"T011520",
"T019780",
"T031173",
"T031172",
"T021306",
"T025777",
"T020315",
"T025256",
"T009295",
"T024880"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-36719"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…