Lucene search

[email protected]CVE-2022-21921

HistoryJan 11, 2022 - 9:15 p.m.

CVE-2022-21921

2022-01-1121:15:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2022-21921

nvd

windows defender

credential guard

security feature bypass

vulnerability

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

6.6 Medium

AI Score

Confidence

Low

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

0.0004 Low

EPSS

Percentile

8.8%

JSON

Windows Defender Credential Guard Security Feature Bypass Vulnerability

VendorProductVersionCPE
microsoftwindows_10_21h1*cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*
microsoftwindows_server_2022*cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
microsoftwindows_10_20h2*cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*
microsoftwindows_server_20h2*cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*
microsoftwindows_11_21h2*cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
microsoftwindows_10_21h2*cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
microsoftwindows_10_21h2*cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_10_21h1	*	cpe:2.3:o:microsoft:windows_10_21h1::::::::
microsoft	windows_server_2022	*	cpe:2.3:o:microsoft:windows_server_2022::::::::
microsoft	windows_10_20h2	*	cpe:2.3:o:microsoft:windows_10_20h2::::::::
microsoft	windows_server_20h2	*	cpe:2.3:o:microsoft:windows_server_20h2::::::::
microsoft	windows_11_21h2	*	cpe:2.3:o:microsoft:windows_11_21h2::::::::
microsoft	windows_10_21h2	*	cpe:2.3:o:microsoft:windows_10_21h2::::::::
microsoft	windows_10_21h2	*	cpe:2.3:o:microsoft:windows_10_21h2::::::::