Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-21919
HistoryJan 11, 2022 - 9:15 p.m.

CVE-2022-21919

2022-01-1121:15:00
CWE-59
[email protected]
web.nvd.nist.gov
920
In Wild
4
windows
user profile service
elevation of privilege
vulnerability
cve-2022-21919
nvd

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

57.9%

JSON

Windows User Profile Service Elevation of Privilege Vulnerability

VendorProductVersionCPE
microsoftwindows_10_1809*cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*
microsoftwindows_server_2019*cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
microsoftwindows_server_2019*cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
microsoftwindows_10_1909*cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:*:*
microsoftwindows_10_21h1*cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*
microsoftwindows_server_2022*cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
microsoftwindows_10_20h2*cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*
microsoftwindows_server_20h2*cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*
microsoftwindows_11_21h2*cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
microsoftwindows_10_21h2*cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 271

Social References

More

Related

checkpoint_advisories 1
cisa_kev 1
prion 1
mscve 1
hivepro 3
metasploit 1
zdt 1
attackerkb 3
malwarebytes 1
thn 1
securelist 1
threatpost 1
mskb 15
nessus 11
kaspersky 2
rapid7blog 1
checkpoint_advisories
checkpoint_advisories
Microsoft Windows User Profile Service Elevation of Privilege (CVE-2022-21919)
2022-01-11 00:00:00
cisa_kev
cisa_kev
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
2022-04-25 00:00:00
prion
prion
Privilege escalation
2022-01-11 21:15:00
mscve
mscve
Windows User Profile Service Elevation of Privilege Vulnerability
2022-01-11 08:00:00
hivepro
hivepro
Microsoftโ€™s privilege escalation vulnerability that refuses to go away
2022-03-25 13:56:19
Weekly Threat Digest: 21 โ€“ 27 March 2022
2022-03-29 13:56:10
Microsoft Patch Tuesday fixes critical zero-days along with 97 other flaws
2022-01-12 07:30:07
metasploit
metasploit
User Profile Arbitrary Junction Creation Local Privilege Elevation
2022-03-21 17:05:48
zdt
zdt
Windows User Profile Service Privlege Escalation Exploit
2022-04-12 00:00:00
attackerkb
attackerkb
CVE-2021-34484
2021-08-12 00:00:00
CVE-2022-26904
2022-04-15 00:00:00
CVE-2022-21919
2022-01-11 00:00:00
malwarebytes
malwarebytes
[updated] You can update now: Microsoft patches 97 bugs including 6 zero-days and a wormable one
2022-01-12 17:02:25
thn
thn
First Patch Tuesday of 2022 Brings Fix for a Critical 'Wormable' Windows Vulnerability
2022-01-12 06:42:00
securelist
securelist
IT threat evolution in Q1 2022. Non-mobile statistics
2022-05-27 08:00:05
threatpost
threatpost
Microsoft Faces Wormable, Critical RCE Bug & 6 Zero-Days
2022-01-11 21:54:57
mskb
mskb
January 11, 2022โ€”KB5009601 (Security-only update)
2022-01-11 08:00:00
January 11, 2022โ€”KB5009627 (Monthly Rollup)
2022-01-11 08:00:00
January 11, 2022โ€”KB5009621 (Security-only update)
2022-01-11 08:00:00
nessus
nessus
KB5009601: Windows Server 2008 Security Update (January 2022)
2022-01-11 00:00:00
KB5009621: Windows 7 and Windows Server 2008 R2 Security Update (January 2022)
2022-01-11 00:00:00
KB5009619: Windows Server 2012 Security Update (January 2022)
2022-01-11 00:00:00
kaspersky
kaspersky
KLA12423 Multiple vulnerabilities in Microsoft Products (ESU)
2022-01-11 00:00:00
KLA12422 Multiple vulnerabilities in Microsoft Windows
2022-01-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - January 2022
2022-01-11 21:41:56

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

57.9%

JSON
Related for CVE-2022-21919
checkpoint_advisories1cisa_kev1prion1mscve1hivepro3metasploit1zdt1attackerkb3malwarebytes1thn1securelist1threatpost1mskb15nessus11kaspersky2rapid7blog1