The vulnerability of the Windows Common Log File System (CLFS) driver in the Microsoft operating system allows a hacker to disclose protected information.

🗓️ 28 Mar 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

A Windows Common Log File System driver vulnerability with insufficient input validation could allow disclosure of protected information.

Reporter	Title	Published	Views	Family All 50
ATTACKERKB	CVE-2022-23281	9 Mar 202217:15	–	attackerkb
Circl	CVE-2022-23281	9 Mar 202220:18	–	circl
CNNVD	Microsoft Windows Common Log File System Driver 信息泄露漏洞	8 Mar 202200:00	–	cnnvd
CNVD	Microsoft Windows Common Log File System Driver Information Disclosure Vulnerability (CNVD-2022-84602)	10 Mar 202200:00	–	cnvd
CVE	CVE-2022-23281	9 Mar 202217:06	–	cve
Cvelist	CVE-2022-23281 Windows Common Log File System Driver Information Disclosure Vulnerability	9 Mar 202217:06	–	cvelist
EUVD	EUVD-2022-28367	3 Oct 202520:07	–	euvd
Microsoft KB	March 8, 2022—KB5011485 (OS Build 18363.2158)	8 Mar 202208:00	–	mskb
Microsoft KB	March 8, 2022—KB5011487 (OS Builds 19042.1586, 19043.1586, and 19044.1586)	8 Mar 202208:00	–	mskb
Microsoft KB	March 8, 2022—KB5011491 (OS Build 10240.19235) - EXPIRED	8 Mar 202208:00	–	mskb

Source	Link
msrc	www.msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-23281
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2022030817
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-22-497/
web	www.web.nvd.nist.gov/view/vuln/detail
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-22-497/

28 Mar 2022 00:00Current

6Medium risk

Vulners AI Score6

CVSS 24.9

CVSS 35.5

EPSS0.00533

Windows Common Log File System Input validation Information disclosure Protected data Driver vulnerability