Lucene search
MicrosoftCVELIST:CVE-2023-21800HistoryFeb 14, 2023 - 7:33 p.m.
CVE-2023-21800 Windows Installer Elevation of Privilege Vulnerability
2023-02-1419:33:05
CWE-73
microsoft
www.cve.org
2
windows installer privilege vulnerability
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.3%
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows Server 2008 Service Pack 2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21915:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.6003.21915",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21915:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21915:*:*:*:*:*:x86:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.6003.21915",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 Service Pack 2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21915:*:*:*:*:*:x86:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.6003.21915",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 R2 Service Pack 1",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26366:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.1.0",
"lessThan": "6.1.7601.26366",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26366:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.1.7601.26366",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
cve
cve
CVE-2023-21800
2023-02-14 20:15:15
mscve
mscve
Windows Installer Elevation of Privilege Vulnerability
2023-02-14 08:00:00
prion
prion
Privilege escalation
2023-02-14 20:15:00
nvd
nvd
CVE-2023-21800
2023-02-14 20:15:15
mskb
mskb
February 14, 2023âKB5022872 (Monthly Rollup)
2023-02-14 08:00:00
February 14, 2023âKB5022893 (Security-only update)
2023-02-14 08:00:00
February 14, 2023âKB5022890 (Monthly Rollup)
2023-02-14 08:00:00
nessus
nessus
KB5022893: Windows Server 2008 Security Update (February 2023)
2023-02-14 00:00:00
KB5022874: Windows Server 2008 R2 Security Update (February 2023)
2023-02-14 00:00:00
kaspersky
kaspersky
KLA20225 Multiple vulnerabilities in Microsoft Products (ESU)
2023-02-14 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - February 2023
2023-02-15 00:41:59
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.3%
Related for CVELIST:CVE-2023-21800