Lucene search

K
mscveMicrosoftMS:CVE-2021-38624
HistorySep 14, 2021 - 7:00 a.m.

Windows Key Storage Provider Security Feature Bypass Vulnerability

2021-09-1407:00:00
Microsoft
msrc.microsoft.com
46
windows key storage provider
security feature bypass
vulnerability
microsoft

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

28.0%

Affected configurations

Vulners
Node
microsoftwindows_11_21h2Range<10.0.22000.258arm64
OR
microsoftwindows_11_21h2Range<10.0.22000.258x64
OR
microsoftwindows_server_20h2Range<10.0.19042.1288
OR
microsoftwindows_10_20h2Range<10.0.19042.1288arm64
OR
microsoftwindows_10_20h2Range<10.0.19042.1288
OR
microsoftwindows_10_20h2Range<10.0.19042.1288x64
OR
microsoftwindows_server_2004Range<10.0.19041.1288
OR
microsoftwindows_10_2004Range<10.0.19041.1288
OR
microsoftwindows_10_2004Range<10.0.19041.1288
OR
microsoftwindows_10_2004Range<10.0.19041.1288
OR
microsoftwindows_server_2022Range<10.0.20348.288
OR
microsoftwindows_server_2022Range<10.0.20348.288
OR
microsoftwindows_10_21h1Range<10.0.19043.1288
OR
microsoftwindows_10_21h1Range<10.0.19043.1288arm64
OR
microsoftwindows_10_21h1Range<10.0.19043.1288x64
OR
microsoftwindows_10_1909Range<10.0.18363.1854
OR
microsoftwindows_10_1909Range<10.0.18363.1854
OR
microsoftwindows_10_1909Range<10.0.18363.1854
OR
microsoftwindows_server_2019Range<10.0.17763.2237
OR
microsoftwindows_server_2019Range<10.0.17763.2237
OR
microsoftwindows_10_1809Range<10.0.17763.2237arm64
OR
microsoftwindows_10_1809Range<10.0.17763.2237x64
OR
microsoftwindows_10_1809Range<10.0.17763.2237
VendorProductVersionCPE
microsoftwindows_11_21h2*cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*
microsoftwindows_11_21h2*cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*
microsoftwindows_server_20h2*cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*
microsoftwindows_10_20h2*cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:arm64:*
microsoftwindows_10_20h2*cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*
microsoftwindows_10_20h2*cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:x64:*
microsoftwindows_server_2004*cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
microsoftwindows_10_2004*cpe:2.3:o:microsoft:windows_10_2004:*:*:*:*:*:*:*:*
microsoftwindows_server_2022*cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
microsoftwindows_10_21h1*cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 171

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

28.0%