Lucene search
MicrosoftCVELIST:CVE-2023-35317HistoryJul 11, 2023 - 5:02 p.m.
CVE-2023-35317 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
2023-07-1117:02:36
CWE-502
microsoft
www.cve.org
windows server
update service
elevation of privilege
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
8.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.5%
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows Server 2019",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4645:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.4645",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4645:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.4645",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2022",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1850:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.20348.1850",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.6085",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.6085",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24374:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "6.2.9200.24374",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24374:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "6.2.9200.24374",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21063:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21075:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "6.3.9600.21063",
"versionType": "custom",
"status": "affected"
},
{
"version": "6.3.0",
"lessThan": "6.3.9600.21075",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21063:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21075:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "6.3.9600.21063",
"versionType": "custom",
"status": "affected"
},
{
"version": "6.3.0",
"lessThan": "6.3.9600.21075",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
cve
cve
CVE-2023-35317
2023-07-11 18:15:17
mscve
mscve
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
2023-07-11 07:00:00
nvd
nvd
CVE-2023-35317
2023-07-11 18:15:17
vulnrichment
vulnrichment
prion
prion
Privilege escalation
2023-07-11 18:15:00
mskb
mskb
July 11, 2023âKB5028233 (Security-only update)
2023-07-11 07:00:00
July 11, 2023âKB5028232 (Monthly Rollup)
2023-07-11 07:00:00
July 11, 2023âKB5028228 (Monthly Rollup)
2023-07-11 07:00:00
nessus
nessus
KB5028233: Windows Server 2012 Security Update (July 2023)
2023-07-11 00:00:00
KB5028223: Windows Server 2012 R2 Security Update (July 2023)
2023-07-11 00:00:00
kaspersky
kaspersky
KLA50775 Multiple vulnerabilities in Microsoft Products (ESU)
2023-07-11 00:00:00
KLA50774 Multiple vulnerabilities in Microsoft Windows
2023-07-11 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5028169)
2023-07-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5028168)
2023-07-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - July 2023
2023-07-11 21:50:34
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
8.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.5%
Related for CVELIST:CVE-2023-35317