Action not permitted
Modal body text goes here.
wid-sec-w-2023-2011
Vulnerability from csaf_certbund
Published
2023-08-08 22:00
Modified
2023-09-25 22:00
Summary
Microsoft Windows: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Windows ist ein Betriebssystem von Microsoft.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in verschiedenen Versionen von Microsoft Windows und Microsoft Windows Server ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Windows ist ein Betriebssystem von Microsoft.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in verschiedenen Versionen von Microsoft Windows und Microsoft Windows Server ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2011 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2011.json" }, { "category": "self", "summary": "WID-SEC-2023-2011 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2011" }, { "category": "external", "summary": "Hitachi Vulnerability Information HITACHI-SEC-2023-308 vom 2023-09-26", "url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2023/08.html" }, { "category": "external", "summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates vom 2023-08-08", "url": "https://msrc.microsoft.com/update-guide" } ], "source_lang": "en-US", "title": "Microsoft Windows: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-09-25T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:39:51.256+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-2011", "initial_release_date": "2023-08-08T22:00:00.000+00:00", "revision_history": [ { "date": "2023-08-08T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-09-25T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von HITACHI aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Hitachi Storage Virtual Storage Platform", "product": { "name": "Hitachi Storage Virtual Storage Platform", "product_id": "T020487", "product_identification_helper": { "cpe": "cpe:/h:hitachi:storage:virtual_storage_platform" } } } ], "category": "vendor", "name": "Hitachi" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Microsoft Windows 10 Version 1607", "product": { "name": "Microsoft Windows 10 Version 1607", "product_id": "T011520", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_10:version_1607" } } }, { "category": "product_name", "name": "Microsoft Windows 10 Version 1809", "product": { "name": "Microsoft Windows 10 Version 1809", "product_id": "T019780", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_10:version_1809" } } }, { "category": "product_name", "name": "Microsoft Windows 10 Version 21H2", "product": { "name": "Microsoft Windows 10 Version 21H2", "product_id": "T021306", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_10:version_21h2" } } }, { "category": "product_name", "name": "Microsoft Windows 10 Version 22H2", "product": { "name": "Microsoft Windows 10 Version 22H2", "product_id": "T025256", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_10:version_22h2" } } }, { "category": "product_name", "name": "Microsoft Windows 10", "product": { "name": "Microsoft Windows 10", "product_id": "T025566", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_10:windows_terminal" } } } ], "category": "product_name", "name": "Windows 10" }, { "branches": [ { "category": "product_name", "name": "Microsoft Windows 11 Version 22H2", "product": { "name": "Microsoft Windows 11 Version 22H2", "product_id": "T024880", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_11:version_22h2" } } }, { "category": "product_name", "name": "Microsoft Windows 11 version 21H2", "product": { "name": "Microsoft Windows 11 version 21H2", "product_id": "T025777", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_11:version_21h2" } } } ], "category": "product_name", "name": "Windows 11" }, { "branches": [ { "category": "product_name", "name": "Microsoft Windows Server 2008 SP2", "product": { "name": "Microsoft Windows Server 2008 SP2", "product_id": "T012853", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server:2008_sp2" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2008 R2 SP1", "product": { "name": "Microsoft Windows Server 2008 R2 SP1", "product_id": "T012855", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server:2008_r2_sp1" } } } ], "category": "product_name", "name": "Windows Server" }, { "category": "product_name", "name": "Microsoft Windows Server 2012", "product": { "name": "Microsoft Windows Server 2012", "product_id": "T006125", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2012:::server_core_installation" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2012 R2", "product": { "name": "Microsoft Windows Server 2012 R2", "product_id": "T014786", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2012_r2:-" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2016", "product": { "name": "Microsoft Windows Server 2016", "product_id": "T010224", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2016:server_2016::server_core_installation" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2019", "product": { "name": "Microsoft Windows Server 2019", "product_id": "T014557", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2019:server_core_installation" } } }, { "category": "product_name", "name": "Microsoft Windows Server 2022", "product": { "name": "Microsoft Windows Server 2022", "product_id": "T025255", "product_identification_helper": { "cpe": "cpe:/o:microsoft:windows_server_2022:datacenter_azure_edition" } } } ], "category": "vendor", "name": "Microsoft" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-38254", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-38254" }, { "cve": "CVE-2023-38186", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-38186" }, { "cve": "CVE-2023-38184", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-38184" }, { "cve": "CVE-2023-38172", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-38172" }, { "cve": "CVE-2023-38170", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-38170" }, { "cve": "CVE-2023-38154", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-38154" }, { "cve": "CVE-2023-36914", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36914" }, { "cve": "CVE-2023-36913", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36913" }, { "cve": "CVE-2023-36912", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36912" }, { "cve": "CVE-2023-36911", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36911" }, { "cve": "CVE-2023-36910", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36910" }, { "cve": "CVE-2023-36909", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36909" }, { "cve": "CVE-2023-36908", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36908" }, { "cve": "CVE-2023-36907", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36907" }, { "cve": "CVE-2023-36906", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36906" }, { "cve": "CVE-2023-36905", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36905" }, { "cve": "CVE-2023-36904", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36904" }, { "cve": "CVE-2023-36903", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36903" }, { "cve": "CVE-2023-36900", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36900" }, { "cve": "CVE-2023-36898", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36898" }, { "cve": "CVE-2023-36889", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36889" }, { "cve": "CVE-2023-36882", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36882" }, { "cve": "CVE-2023-36876", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-36876" }, { "cve": "CVE-2023-35387", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35387" }, { "cve": "CVE-2023-35386", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35386" }, { "cve": "CVE-2023-35385", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35385" }, { "cve": "CVE-2023-35384", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35384" }, { "cve": "CVE-2023-35383", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35383" }, { "cve": "CVE-2023-35382", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35382" }, { "cve": "CVE-2023-35381", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35381" }, { "cve": "CVE-2023-35380", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35380" }, { "cve": "CVE-2023-35379", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35379" }, { "cve": "CVE-2023-35378", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35378" }, { "cve": "CVE-2023-35377", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35377" }, { "cve": "CVE-2023-35376", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35376" }, { "cve": "CVE-2023-35359", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-35359" }, { "cve": "CVE-2023-20569", "notes": [ { "category": "description", "text": "In verschiedenen Version von Microsoft Windows und Microsoft Windows Server existieren mehrere Schwachstellen. Microsoft ver\u00f6ffentlicht keine Details dazu. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erweitern, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T006125", "T010224", "T012855", "T014557", "T012853", "T014786", "T011520", "T019780", "T020487", "T021306", "T025777", "T025256", "T025566", "T025255", "T024880" ] }, "release_date": "2023-08-08T22:00:00Z", "title": "CVE-2023-20569" } ] }
cve-2023-36904
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36904 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36904", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-11T20:22:48.617256Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-11T20:23:04.563Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.941Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36904" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126: Buffer Over-read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:37.170Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36904" } ], "title": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36904", "datePublished": "2023-08-08T17:08:25.002Z", "dateReserved": "2023-06-27T20:28:49.989Z", "dateUpdated": "2024-08-02T17:01:09.941Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-38254
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:39
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38254 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:39:12.123Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38254" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:43.333Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38254" } ], "title": "Microsoft Message Queuing Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-38254", "datePublished": "2023-08-08T17:08:31.932Z", "dateReserved": "2023-07-13T16:33:28.143Z", "dateUpdated": "2024-08-02T17:39:12.123Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20569
Vulnerability from cvelistv5
Published
2023-08-08 17:02
Modified
2024-09-23 03:18
Severity ?
EPSS score ?
Summary
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-09-23T03:18:32.598Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005" }, { "tags": [ "x_transferred" ], "url": "http://xenbits.xen.org/xsa/advisory-434.html" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/08/08/4" }, { "tags": [ "x_transferred" ], "url": "https://comsec.ethz.ch/research/microarch/inception/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4E4TZNMLYL2KETY23IPA43QXFAVJ46V/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKK3IA63LSKM4EC3TN4UM6DDEIOWEQIG/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5475" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240605-0006/" } ], "title": "CVE Program Container", "x_generator": { "engine": "ADPogram 0.0.1" } } ], "cna": { "affected": [ { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 3000 Series Desktop Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 PRO 3000 Series Desktop Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Athlon\u2122 3000 Series Processors with Radeon\u2122 Graphics ", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Athlon\u2122 PRO 3000 Series Processors with Radeon\u2122 Vega Graphics", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 4000 Series Desktop Processors with Radeon\u2122 Graphics", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 PRO 4000 Series Desktop Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 5000 Series Desktop Processors ", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 5000 Series Desktop Processors with Radeon\u2122 Graphics", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": "AGESA", "platforms": [ "x86" ], "product": "Ryzen\u2122 PRO 5000 Series Desktop Processors", "vendor": " ", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 Threadripper\u2122 2000 Series Processors ", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": " Ryzen\u2122 Threadripper\u2122 5000 Series Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 Threadripper\u2122 3000 Series Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 PRO 5000 Series Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 PRO 6000 Series Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "packageName": " ", "platforms": [ "x86" ], "product": "Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "platforms": [ "x86" ], "product": "Ryzen\u2122 7000 Series Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "platforms": [ "x86" ], "product": "Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "platforms": [ "x86" ], "product": " 1st Gen AMD EPYC\u2122 Processors", "vendor": "AMD ", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "platforms": [ "x86" ], "product": "2nd Gen AMD EPYC\u2122 Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "platforms": [ "x86" ], "product": "3rd Gen AMD EPYC\u2122 Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] }, { "defaultStatus": "affected", "platforms": [ "x86" ], "product": "4th Gen AMD EPYC\u2122 Processors", "vendor": "AMD", "versions": [ { "status": "affected", "version": "various " } ] } ], "datePublic": "2023-08-08T16:30:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA side channel vulnerability on some \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eof the \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAMD CPUs may allow an attacker to influence \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ereturn address prediction\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e. This may\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e result in speculative execution at an attacker-controlled\u202f\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eaddress\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, potentially leading to information disclosure.\u003c/span\u003e\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n" } ], "value": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n" } ], "providerMetadata": { "dateUpdated": "2023-08-08T17:02:11.318Z", "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005" }, { "url": "http://xenbits.xen.org/xsa/advisory-434.html" }, { "url": "http://www.openwall.com/lists/oss-security/2023/08/08/4" }, { "url": "https://comsec.ethz.ch/research/microarch/inception/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4E4TZNMLYL2KETY23IPA43QXFAVJ46V/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKK3IA63LSKM4EC3TN4UM6DDEIOWEQIG/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html" }, { "url": "https://www.debian.org/security/2023/dsa-5475" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/" }, { "url": "https://security.netapp.com/advisory/ntap-20240605-0006/" } ], "source": { "advisory": "AMD-SB-7005", "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "assignerShortName": "AMD", "cveId": "CVE-2023-20569", "datePublished": "2023-08-08T17:02:11.318Z", "dateReserved": "2022-10-27T18:53:39.754Z", "dateUpdated": "2024-09-23T03:18:32.598Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36908
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Windows Hyper-V Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36908 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36908", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T14:22:56.048554Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:25:49.199Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.932Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Hyper-V Information Disclosure Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36908" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Hyper-V Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:39.225Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Hyper-V Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36908" } ], "title": "Windows Hyper-V Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36908", "datePublished": "2023-08-08T17:08:27.268Z", "dateReserved": "2023-06-27T20:29:08.606Z", "dateUpdated": "2024-08-02T17:01:09.932Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36898
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Tablet Windows User Interface Application Core Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36898 | vendor-advisory |
Impacted products
▼ | Vendor | Product |
---|---|---|
Microsoft | Windows 11 version 21H2 | |
Microsoft | Windows 11 version 22H2 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36898", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-19T18:05:29.832821Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-19T18:05:35.983Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.981Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Tablet Windows User Interface Application Core Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36898" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Tablet Windows User Interface Application Core Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-426", "description": "CWE-426: Untrusted Search Path", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:35.162Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Tablet Windows User Interface Application Core Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36898" } ], "title": "Tablet Windows User Interface Application Core Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36898", "datePublished": "2023-08-08T17:08:22.731Z", "dateReserved": "2023-06-27T20:28:49.988Z", "dateUpdated": "2024-08-02T17:01:09.981Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36911
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36911 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.995Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Message Queuing Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36911" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:40.739Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36911" } ], "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36911", "datePublished": "2023-08-08T17:08:29.028Z", "dateReserved": "2023-06-27T20:29:08.606Z", "dateUpdated": "2024-08-02T17:01:09.995Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36907
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Windows Cryptographic Services Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36907 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36907", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-19T18:24:45.723823Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-22T20:13:52.523Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.988Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Cryptographic Services Information Disclosure Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36907" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Cryptographic Services Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-170", "description": "CWE-170: Improper Null Termination", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:38.709Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Cryptographic Services Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36907" } ], "title": "Windows Cryptographic Services Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36907", "datePublished": "2023-08-08T17:08:26.702Z", "dateReserved": "2023-06-27T20:29:08.606Z", "dateUpdated": "2024-08-02T17:01:09.988Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36910
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36910 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.965Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Message Queuing Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36910" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:40.235Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36910" } ], "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36910", "datePublished": "2023-08-08T17:08:28.449Z", "dateReserved": "2023-06-27T20:29:08.606Z", "dateUpdated": "2024-08-02T17:01:09.965Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35378
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Windows Projected File System Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35378 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-35378", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-23T18:57:02.376728Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-23T18:57:19.327Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.645Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Projected File System Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35378" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Projected File System Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-367", "description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:44.353Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Projected File System Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35378" } ], "title": "Windows Projected File System Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35378", "datePublished": "2023-08-08T17:08:33.069Z", "dateReserved": "2023-06-14T23:09:47.637Z", "dateUpdated": "2024-08-02T16:23:59.645Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35377
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35377 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.722Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35377" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:43.859Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35377" } ], "title": "Microsoft Message Queuing Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35377", "datePublished": "2023-08-08T17:08:32.481Z", "dateReserved": "2023-06-14T23:09:47.637Z", "dateUpdated": "2024-08-02T16:23:59.722Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36906
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Windows Cryptographic Services Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36906 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36906", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-23T18:56:24.394541Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-23T18:56:38.263Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.651Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Cryptographic Services Information Disclosure Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36906" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Cryptographic Services Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-170", "description": "CWE-170: Improper Null Termination", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:38.197Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Cryptographic Services Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36906" } ], "title": "Windows Cryptographic Services Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36906", "datePublished": "2023-08-08T17:08:26.086Z", "dateReserved": "2023-06-27T20:29:08.606Z", "dateUpdated": "2024-08-02T17:01:09.651Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35387
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35387 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.721Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35387" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:48.938Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35387" } ], "title": "Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35387", "datePublished": "2023-08-08T17:08:38.255Z", "dateReserved": "2023-06-14T23:09:47.638Z", "dateUpdated": "2024-08-02T16:23:59.721Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35382
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Windows Kernel Elevation of Privilege Vulnerability
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-35382", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-19T18:23:29.663652Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-19T18:23:43.841Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.724Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Kernel Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35382" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/174450/Microsoft-Windows-Kernel-Use-After-Free.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Kernel Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:46.386Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Kernel Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35382" }, { "url": "http://packetstormsecurity.com/files/174450/Microsoft-Windows-Kernel-Use-After-Free.html" } ], "title": "Windows Kernel Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35382", "datePublished": "2023-08-08T17:08:35.350Z", "dateReserved": "2023-06-14T23:09:47.637Z", "dateUpdated": "2024-08-02T16:23:59.724Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36905
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36905 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36905", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-11T20:22:25.277029Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-11T20:22:31.424Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.862Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36905" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:37.670Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36905" } ], "title": "Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36905", "datePublished": "2023-08-08T17:08:25.526Z", "dateReserved": "2023-06-27T20:29:08.605Z", "dateUpdated": "2024-08-02T17:01:09.862Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35381
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Windows Fax Service Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35381 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-35381", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:24:51.296589Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:18:22.162Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.693Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Fax Service Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35381" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Fax Service Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:45.871Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Fax Service Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35381" } ], "title": "Windows Fax Service Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35381", "datePublished": "2023-08-08T17:08:34.784Z", "dateReserved": "2023-06-14T23:09:47.637Z", "dateUpdated": "2024-08-02T16:23:59.693Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35385
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35385 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.710Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Message Queuing Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:47.918Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35385" } ], "title": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35385", "datePublished": "2023-08-08T17:08:37.142Z", "dateReserved": "2023-06-14T23:09:47.638Z", "dateUpdated": "2024-08-02T16:23:59.710Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36909
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36909 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.821Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36909" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:39.731Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36909" } ], "title": "Microsoft Message Queuing Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36909", "datePublished": "2023-08-08T17:08:27.831Z", "dateReserved": "2023-06-27T20:29:08.606Z", "dateUpdated": "2024-08-02T17:01:09.821Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-38154
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
Windows Kernel Elevation of Privilege Vulnerability
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:30:14.123Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Kernel Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38154" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/174568/Microsoft-Windows-Kernel-Recovery-Memory-Corruption.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Kernel Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:33:08.534Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Kernel Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38154" }, { "url": "http://packetstormsecurity.com/files/174568/Microsoft-Windows-Kernel-Recovery-Memory-Corruption.html" } ], "title": "Windows Kernel Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-38154", "datePublished": "2023-08-08T17:08:58.162Z", "dateReserved": "2023-07-12T23:41:45.860Z", "dateUpdated": "2024-08-02T17:30:14.123Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35379
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35379 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-35379", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-09T18:41:20.933631Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-09T18:41:28.964Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.683Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35379" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:44.886Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35379" } ], "title": "Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35379", "datePublished": "2023-08-08T17:08:33.613Z", "dateReserved": "2023-06-14T23:09:47.637Z", "dateUpdated": "2024-08-02T16:23:59.683Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-38170
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
HEVC Video Extensions Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38170 | vendor-advisory |
Impacted products
▼ | Vendor | Product |
---|---|---|
Microsoft | HEVC Video Extension | |
Microsoft | HEVC Video Extensions |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-38170", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-04T01:22:51.292686Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:28:28.378Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:30:14.096Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "HEVC Video Extensions Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38170" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:hevc_video_extensions:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "HEVC Video Extension", "vendor": "Microsoft", "versions": [ { "lessThan": "2.0.61931.0", "status": "affected", "version": "1.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:hevc_video_extensions:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "HEVC Video Extensions", "vendor": "Microsoft", "versions": [ { "lessThan": "2.0.61933.0", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "HEVC Video Extensions Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:54.009Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "HEVC Video Extensions Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38170" } ], "title": "HEVC Video Extensions Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-38170", "datePublished": "2023-08-08T17:08:43.944Z", "dateReserved": "2023-07-12T23:41:45.863Z", "dateUpdated": "2024-08-02T17:30:14.096Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36914
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-09-11 18:58
Severity ?
EPSS score ?
Summary
Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36914 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:10.180Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36914" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-36914", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-11T18:56:41.355049Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T18:58:49.101Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Security Feature Bypass", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:42.289Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36914" } ], "title": "Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36914", "datePublished": "2023-08-08T17:08:30.796Z", "dateReserved": "2023-06-27T20:29:08.607Z", "dateUpdated": "2024-09-11T18:58:49.101Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35386
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Windows Kernel Elevation of Privilege Vulnerability
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-35386", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-22T20:13:27.360887Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-22T20:13:30.530Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.701Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Kernel Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35386" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/174567/Microsoft-Windows-Kernel-Integer-Overflow-Out-Of-Bounds-Read.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Kernel Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:48.445Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Kernel Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35386" }, { "url": "http://packetstormsecurity.com/files/174567/Microsoft-Windows-Kernel-Integer-Overflow-Out-Of-Bounds-Read.html" } ], "title": "Windows Kernel Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35386", "datePublished": "2023-08-08T17:08:37.737Z", "dateReserved": "2023-06-14T23:09:47.638Z", "dateUpdated": "2024-08-02T16:23:59.701Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35376
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35376 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.687Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35376" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:42.793Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35376" } ], "title": "Microsoft Message Queuing Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35376", "datePublished": "2023-08-08T17:08:31.367Z", "dateReserved": "2023-06-14T23:09:47.637Z", "dateUpdated": "2024-08-02T16:23:59.687Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35383
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35383 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.720Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Message Queuing Information Disclosure Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35383" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:46.875Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35383" } ], "title": "Microsoft Message Queuing Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35383", "datePublished": "2023-08-08T17:08:35.929Z", "dateReserved": "2023-06-14T23:09:47.638Z", "dateUpdated": "2024-08-02T16:23:59.720Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36900
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Windows Common Log File System Driver Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36900 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.940Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Common Log File System Driver Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36900" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Common Log File System Driver Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:36.162Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Common Log File System Driver Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36900" } ], "title": "Windows Common Log File System Driver Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36900", "datePublished": "2023-08-08T17:08:23.820Z", "dateReserved": "2023-06-27T20:28:49.989Z", "dateUpdated": "2024-08-02T17:01:09.940Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36912
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36912 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:10.038Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36912" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:41.267Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36912" } ], "title": "Microsoft Message Queuing Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36912", "datePublished": "2023-08-08T17:08:29.623Z", "dateReserved": "2023-06-27T20:29:08.606Z", "dateUpdated": "2024-08-02T17:01:10.038Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36913
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36913 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:10.038Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Message Queuing Information Disclosure Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36913" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-908", "description": "CWE-908: Use of Uninitialized Resource", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:41.776Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36913" } ], "title": "Microsoft Message Queuing Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36913", "datePublished": "2023-08-08T17:08:30.232Z", "dateReserved": "2023-06-27T20:29:08.607Z", "dateUpdated": "2024-08-02T17:01:10.038Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36882
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36882 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.827Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36882" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:34.162Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36882" } ], "title": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36882", "datePublished": "2023-08-08T17:08:21.636Z", "dateReserved": "2023-06-27T20:28:05.992Z", "dateUpdated": "2024-08-02T17:01:09.827Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36876
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36876 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36876", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-09T18:42:11.942855Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-09T18:42:20.536Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.642Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36876" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:33.661Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36876" } ], "title": "Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36876", "datePublished": "2023-08-08T17:08:21.064Z", "dateReserved": "2023-06-27T20:28:05.990Z", "dateUpdated": "2024-08-02T17:01:09.642Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36889
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Windows Group Policy Security Feature Bypass Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36889 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36889", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-19T18:24:36.842342Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-19T18:25:01.259Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.782Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Group Policy Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36889" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Group Policy Security Feature Bypass Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:34.661Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Group Policy Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36889" } ], "title": "Windows Group Policy Security Feature Bypass Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36889", "datePublished": "2023-08-08T17:08:22.160Z", "dateReserved": "2023-06-27T20:28:32.380Z", "dateUpdated": "2024-08-02T17:01:09.782Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35384
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Windows HTML Platforms Security Feature Bypass Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35384 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-35384", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-08T17:07:41.418407Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-08T17:07:54.243Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.696Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows HTML Platforms Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35384" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012_R2:10.0.0.0:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" }, { "lessThan": "10.0.0.0", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012_R2:10.0.0.0:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" }, { "lessThan": "10.0.0.0", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows HTML Platforms Security Feature Bypass Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-73", "description": "CWE-73: External Control of File Name or Path", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:47.390Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows HTML Platforms Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35384" } ], "title": "Windows HTML Platforms Security Feature Bypass Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35384", "datePublished": "2023-08-08T17:08:36.575Z", "dateReserved": "2023-06-14T23:09:47.638Z", "dateUpdated": "2024-08-02T16:23:59.696Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-38172
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
Microsoft Message Queuing Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38172 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:30:14.087Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38172" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Message Queuing Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126: Buffer Over-read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:53.506Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Message Queuing Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38172" } ], "title": "Microsoft Message Queuing Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-38172", "datePublished": "2023-08-08T17:08:43.361Z", "dateReserved": "2023-07-12T23:41:45.863Z", "dateUpdated": "2024-08-02T17:30:14.087Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-38184
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38184 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-38184", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-23T18:57:39.355216Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-23T18:58:00.905Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:30:14.191Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38184" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:52.489Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38184" } ], "title": "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-38184", "datePublished": "2023-08-08T17:08:42.283Z", "dateReserved": "2023-07-12T23:41:45.869Z", "dateUpdated": "2024-08-02T17:30:14.191Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-38186
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
Windows Mobile Device Management Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38186 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-38186", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-19T18:04:08.352799Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-19T18:04:18.465Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:30:14.127Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Mobile Device Management Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38186" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Mobile Device Management Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-306", "description": "CWE-306: Missing Authentication for Critical Function", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:51.442Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Mobile Device Management Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38186" } ], "title": "Windows Mobile Device Management Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-38186", "datePublished": "2023-08-08T17:08:41.118Z", "dateReserved": "2023-07-12T23:41:45.869Z", "dateUpdated": "2024-08-02T17:30:14.127Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35380
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Windows Kernel Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35380 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-35380", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T14:20:50.894848Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:18:28.746Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.711Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Kernel Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35380" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Kernel Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:45.364Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Kernel Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35380" } ], "title": "Windows Kernel Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35380", "datePublished": "2023-08-08T17:08:34.191Z", "dateReserved": "2023-06-14T23:09:47.637Z", "dateUpdated": "2024-08-02T16:23:59.711Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35359
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 16:23
Severity ?
EPSS score ?
Summary
Windows Kernel Elevation of Privilege Vulnerability
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-35359", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-04T01:24:31.348616Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:18:30.072Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.647Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows Kernel Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35359" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/174528/Microsoft-Windows-Privilege-Escalation.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22216:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6003.22216", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows Kernel Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-23", "description": "CWE-23: Relative Path Traversal", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:31.573Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows Kernel Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35359" }, { "url": "http://packetstormsecurity.com/files/174528/Microsoft-Windows-Privilege-Escalation.html" } ], "title": "Windows Kernel Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-35359", "datePublished": "2023-08-08T17:08:17.717Z", "dateReserved": "2023-06-14T23:09:47.628Z", "dateUpdated": "2024-08-02T16:23:59.647Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36903
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Windows System Assessment Tool Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36903 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36903", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-11T20:23:16.796607Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-11T20:23:23.823Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.807Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Windows System Assessment Tool Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36903" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.4737", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1906:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1903:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.1906", "status": "affected", "version": "10.0.0", "versionType": "custom" }, { "lessThan": "10.0.20348.1903", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2295:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.2295", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3324:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19044.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.2134:*:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 11 version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22621.2134", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3324:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 22H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19045.3324", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20107:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20107", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6167:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6167", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26664:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.1.7601.26664", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24414:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.9200.24414", "status": "affected", "version": "6.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21503:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2012 R2 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "6.3.9600.21503", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Windows System Assessment Tool Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:32:36.659Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Windows System Assessment Tool Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36903" } ], "title": "Windows System Assessment Tool Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36903", "datePublished": "2023-08-08T17:08:24.373Z", "dateReserved": "2023-06-27T20:28:49.989Z", "dateUpdated": "2024-08-02T17:01:09.807Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.