Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-41049
HistoryNov 09, 2022 - 10:15 p.m.

CVE-2022-41049

2022-11-0922:15:00
CWE-269
[email protected]
web.nvd.nist.gov
555
In Wild
11
windows
mark of the web
security
feature
bypass
vulnerability
cve-2022-41049
nvd

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

6.7 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.003 Low

EPSS

Percentile

69.5%

JSON

Windows Mark of the Web Security Feature Bypass Vulnerability

VendorProductVersionCPE
microsoftwindows_10_1809*cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*
microsoftwindows_server_2019*cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
microsoftwindows_server_2019*cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
microsoftwindows_10_21h1*cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*
microsoftwindows_server_2022*cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
microsoftwindows_server_2022*cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
microsoftwindows_10_20h2*cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*
microsoftwindows_11_21h2*cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
microsoftwindows_10_21h2*cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
microsoftwindows_10_1507*cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 151

Social References

More

Related

attackerkb 1
mscve 1
prion 1
cisa_kev 1
talosblog 1
avleonov 1
thn 1
nessus 7
openvas 6
mskb 8
kaspersky 1
rapid7blog 1
attackerkb
attackerkb
CVE-2022-41049
2022-11-09 00:00:00
mscve
mscve
Windows Mark of the Web Security Feature Bypass Vulnerability
2022-11-08 08:00:00
prion
prion
Security feature bypass
2022-11-09 22:15:00
cisa_kev
cisa_kev
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
2022-11-14 00:00:00
talosblog
talosblog
Following the LNK metadata trail
2023-01-19 13:00:19
avleonov
avleonov
Microsoft Patch Tuesday November 2022: Exchange ProxyNotShell RCE, JScript9, MoTW, OpenSSL, Edge, CNG, Print Spooler
2022-11-25 20:56:48
thn
thn
Install Latest Windows Update ASAP! Patches Issued for 6 Actively Exploited Zero-Days
2022-11-09 05:16:00
nessus
nessus
KB5019970: Windows 10 LTS 1507 Security Update (November 2022)
2022-11-08 00:00:00
KB5019961: Windows 11 Security Update (November 2022)
2022-11-08 00:00:00
KB5019980: Windows 11 22H2 Security Update (November 2022)
2022-11-08 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5019980)
2023-08-08 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5019964)
2022-11-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5019959)
2022-11-09 00:00:00
mskb
mskb
November 8, 2022—KB5019980 (OS Build 22621.819)
2023-01-26 08:00:00
November 8, 2022—KB5019970 (OS Build 10240.19567)
2023-01-26 08:00:00
November 8, 2022—KB5019961 (OS Build 22000.1219)
2023-01-26 08:00:00
kaspersky
kaspersky
KLA20047 Multiple vulnerabilities in Microsoft Windows
2022-11-08 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - November 2022
2022-11-08 20:02:57

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

6.7 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.003 Low

EPSS

Percentile

69.5%

JSON
Related for CVE-2022-41049
attackerkb1mscve1prion1cisa_kev1talosblog1avleonov1thn1nessus7openvas6mskb8kaspersky1rapid7blog1