Lucene search
HistoryApr 11, 2023 - 9:15 p.m.
CVE-2023-28268
cve-2023
28268
netlogon
rpc
elevation of privilege
vulnerability
nvd
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
51.8%
Netlogon RPC Elevation of Privilege Vulnerability
Affected configurations
Node
microsoftwindows_server_2019Range10.0.0â10.0.17763.4252
ORmicrosoftwindows_server_2019Range10.0.0â10.0.17763.4252
ORmicrosoftwindows_server_2022Range10.0.0â10.0.20348.1668
ORmicrosoftwindows_server_2016Range10.0.0â10.0.14393.5850
ORmicrosoftwindows_server_2016Range10.0.0â10.0.14393.5850
ORmicrosoftwindows_server_2008_sp2Range6.0.0â6.0.6003.22015sp2
ORmicrosoftwindows_server_2008_sp2Range6.0.0â6.0.6003.22015sp2
ORmicrosoftwindows_server_2008_sp2Range6.0.0â6.0.6003.22015sp2
ORmicrosoftwindows_server_2008_r2_sp1Range6.1.0â6.1.7601.26466sp1
ORmicrosoftwindows_server_2008_r2_sp1Range6.0.0â6.1.7601.26466sp1
ORmicrosoftwindows_server_2012Range6.2.0â6.2.9200.24216
ORmicrosoftwindows_server_2012Range6.2.0â6.2.9200.24216
ORmicrosoftwindows_server_2012_r2Range6.3.0â6.3.9600.20919
ORmicrosoftwindows_server_2012_r2Range6.3.0â6.3.9600.20919
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_server_2019 | * | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2019 | * | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2022 | * | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | * | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | * | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2008_sp2 | * | cpe:2.3:o:microsoft:windows_server_2008_sp2:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008_sp2 | * | cpe:2.3:o:microsoft:windows_server_2008_sp2:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008_sp2 | * | cpe:2.3:o:microsoft:windows_server_2008_sp2:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008_r2_sp1 | * | cpe:2.3:o:microsoft:windows_server_2008_r2_sp1:*:sp1:*:*:*:*:*:* |
| microsoft | windows_server_2012 | * | cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows Server 2019",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4252:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.4252",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4252:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.4252",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2022",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1668:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.20348.1668",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5850:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.5850",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5850:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.5850",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 Service Pack 2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22015:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.6003.22015",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22015:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22015:*:*:*:*:*:x86:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.6003.22015",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 Service Pack 2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22015:*:*:*:*:*:x86:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.6003.22015",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 R2 Service Pack 1",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26466:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.1.0",
"lessThan": "6.1.7601.26466",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26466:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.1.7601.26466",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24216:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "6.2.9200.24216",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24216:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "6.2.9200.24216",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20919:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "6.3.9600.20919",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20919:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "6.3.9600.20919",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
mscve
mscve
Netlogon RPC Elevation of Privilege Vulnerability
2023-04-11 07:00:00
vulnrichment
vulnrichment
CVE-2023-28268 Netlogon RPC Elevation of Privilege Vulnerability
2023-04-11 19:13:45
prion
prion
Privilege escalation
2023-04-11 21:15:00
cvelist
cvelist
CVE-2023-28268 Netlogon RPC Elevation of Privilege Vulnerability
2023-04-11 19:13:45
nvd
nvd
CVE-2023-28268
2023-04-11 21:15:25
nessus
nessus
KB5025273: Windows Server 2008 Security Update (April 2023)
2023-04-11 00:00:00
KB5025277: Windows Server 2008 R2 Security Update (April 2023)
2023-04-11 00:00:00
mskb
mskb
April 11, 2023âKB5025271 (Monthly Rollup)
2023-04-11 07:00:00
April 11, 2023âKB5025273 (Security-only update)
2023-04-11 07:00:00
April 11, 2023âKB5025277 (Security-only update)
2023-04-11 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5025279)
2023-04-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5025285)
2023-04-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5025287)
2023-04-12 00:00:00
kaspersky
kaspersky
KLA48842 Multiple vulnerabilities in Microsoft Products (ESU)
2023-04-11 00:00:00
KLA48845 Multiple vulnerabilities in Microsoft Windows
2023-04-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - April 2023
2023-04-11 22:49:56
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
51.8%
Related for CVE-2023-28268