CVE-2024-30072

2024-06-1117:15:53

CWE-190

[email protected]

web.nvd.nist.gov

microsoft event trace log parsing remote code execution vulnerability

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

19.6%

JSON

Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability

Affected configurations

Vulners

NVD

Node

microsoftwindows_11_22h2Range10.0.0–10.0.22621.3737

microsoftwindows_11_22h3Range10.0.0–10.0.22631.3737

microsoftwindows_11_23h2Range10.0.0–10.0.22631.3737

microsoftwindows_server_23h2Range10.0.0–10.0.25398.950

CPENameOperatorVersion
microsoft:windows_11_22h2microsoft windows 11 22h2lt10.0.22621.3737
microsoft:windows_11_23h2microsoft windows 11 23h2lt10.0.22631.3737
microsoft:windows_server_2022_23h2microsoft windows server 2022 23h2lt10.0.25398.950

CPE	Name	Operator	Version
microsoft:windows_11_22h2	microsoft windows 11 22h2	lt	10.0.22621.3737
microsoft:windows_11_23h2	microsoft windows 11 23h2	lt	10.0.22631.3737
microsoft:windows_server_2022_23h2	microsoft windows server 2022 23h2	lt	10.0.25398.950

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Windows 11 version 22H2",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.3737:*:*:*:*:*:arm64:*",
      "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.3737:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "ARM64-based Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.22621.3737",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 11 version 22H3",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3737:*:*:*:*:*:arm64:*"
    ],
    "platforms": [
      "ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.22631.3737",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 11 Version 23H2",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3737:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.22631.3737",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_23h2:10.0.25398.950:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.25398.950",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]