Lucene search

K
mscveMicrosoftMS:CVE-2021-38628
HistorySep 14, 2021 - 7:00 a.m.

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

2021-09-1407:00:00
Microsoft
msrc.microsoft.com
59
windows
winsock
elevation
privilege
vulnerability
microsoft

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0

Percentile

9.5%

Affected configurations

Vulners
Node
microsoftwindows_server_2012Range<6.3.9600.20120r2
OR
microsoftwindows_server_2012Range<6.3.9600.20120r2
OR
microsoftwindows_server_2012Range<6.3.9600.20120r2
OR
microsoftwindows_server_2012Range<6.3.9600.20120r2
OR
microsoftwindows_server\,_1803_\(server_core_installation\)Range<6.2.9200.23462
OR
microsoftwindows_server\,_1803_\(server_core_installation\)Range<6.2.9200.23462
OR
microsoftwindows_server_2012Range<6.2.9200.23462
OR
microsoftwindows_server_2012Range<6.2.9200.23462
OR
microsoftwindows_server_2008_r2_x64-based_systemsRange<6.1.7601.25712sp1
OR
microsoftwindows_server_2008_r2_x64-based_systemsRange<6.1.7601.25712sp1
OR
microsoftwindows_server_2008_r2_x64-based_systemsRange<6.1.7601.25712sp1
OR
microsoftwindows_server_2008_r2_x64-based_systemsRange<6.1.7601.25712sp1
OR
microsoftwindows_server_2008_x64-based_systemsRange<6.0.6003.21218sp2
OR
microsoftwindows_server_2008_x64-based_systemsRange<6.0.6003.21218sp2
OR
microsoftwindows_server_2008_x64-based_systemsRange<6.0.6003.21218sp2
OR
microsoftwindows_server_2008_x64-based_systemsRange<6.0.6003.21218sp2
OR
microsoftwindows_server_2008_32-bit_systemsRange<6.0.6003.21218sp2
OR
microsoftwindows_server_2008_32-bit_systemsRange<6.0.6003.21218sp2
OR
microsoftwindows_server_2008_32-bit_systemsRange<6.0.6003.21218sp2
OR
microsoftwindows_server_2008_32-bit_systemsRange<6.0.6003.21218sp2
OR
microsoftwindows_rt_8.1Range<6.3.9600.20120
OR
microsoftwindows_8.1Range<6.3.9600.20120x64
OR
microsoftwindows_8.1Range<6.3.9600.20120x64
OR
microsoftwindows_10_32-bit_systemsRange<6.3.9600.20120
OR
microsoftwindows_10_32-bit_systemsRange<6.3.9600.20120
OR
microsoftwindows_7_x64-based_systemsRange<6.1.7601.25712sp1
OR
microsoftwindows_7_x64-based_systemsRange<6.1.7601.25712sp1
OR
microsoftwindows_7_32-bit_systemsRange<6.1.7601.25712sp1
OR
microsoftwindows_7_32-bit_systemsRange<6.1.7601.25712sp1
OR
microsoftwindows_server\,_1803_\(server_core_installation\)Range<10.0.14393.4651
OR
microsoftwindows_server_2016Range<10.0.14393.4651
OR
microsoftwindows_10_x64-based_systemsRange<10.0.14393.4651
OR
microsoftwindows_10_32-bit_systemsRange<10.0.14393.4651
OR
microsoftwindows_10_x64-based_systemsRange<10.0.10240.19060
OR
microsoftwindows_10_32-bit_systemsRange<10.0.10240.19060
OR
microsoftwindows_server_version_20h2_naRange<10.0.19042.1237
OR
microsoftwindows_10_20h2Range<10.0.19042.1237arm64
OR
microsoftwindows_10_32-bit_systemsRange<10.0.19042.1237
OR
microsoftwindows_10_x64-based_systemsRange<10.0.19042.1237
OR
microsoftwindows_server_version_2004Range<10.0.19041.1237
OR
microsoftwindows_10_2004_for_x64-based_systemsRange<10.0.19041.1237
OR
microsoftwindows_10_2004_for_arm64-based_systemsRange<10.0.19041.1237
OR
microsoftwindows_10_2004_for_32-bit_systemsRange<10.0.19041.1237
OR
microsoftwindows_server\,_1803_\(server_core_installation\)Range<10.0.20348.230
OR
microsoftwindows_server_2022Range<10.0.20348.230
OR
microsoftwindows_10_32-bit_systemsRange<10.0.19043.1237
OR
microsoftwindows_10_21h1Range<10.0.19043.1237arm64
OR
microsoftwindows_10_x64-based_systemsRange<10.0.19043.1237
OR
microsoftwindows_10_1909_for_arm64-based_systemsRange<10.0.18363.1801
OR
microsoftwindows_10_1909_for_x64-based_systemsRange<10.0.18363.1801
OR
microsoftwindows_10_1909_for_32-bit_systemsRange<10.0.18363.1801
OR
microsoftwindows_server\,_1803_\(server_core_installation\)Range<10.0.17763.2183
OR
microsoftwindows_server_2019Range<10.0.17763.2183
OR
microsoftwindows_10_1809_for_arm64-based_systemsRange<10.0.17763.2183
OR
microsoftwindows_10_1809_for_x64-based_systemsRange<10.0.17763.2183
OR
microsoftwindows_10_1809_for_32-bit_systemsRange<10.0.17763.2183
VendorProductVersionCPE
microsoftwindows_server_2012*cpe:2.3:o:microsoft:windows_server_2012:*:r2:*:*:*:*:*:*
microsoftwindows_server\,_1803_\(server_core_installation\)*cpe:2.3:o:microsoft:windows_server\,_1803_\(server_core_installation\):*:*:*:*:*:*:*:*
microsoftwindows_server_2012*cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
microsoftwindows_server_2008_r2_x64-based_systems*cpe:2.3:a:microsoft:windows_server_2008_r2_x64-based_systems:*:sp1:*:*:*:*:*:*
microsoftwindows_server_2008_x64-based_systems*cpe:2.3:a:microsoft:windows_server_2008_x64-based_systems:*:sp2:*:*:*:*:*:*
microsoftwindows_server_2008_32-bit_systems*cpe:2.3:a:microsoft:windows_server_2008_32-bit_systems:*:sp2:*:*:*:*:*:*
microsoftwindows_rt_8.1*cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
microsoftwindows_8.1*cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*
microsoftwindows_10_32-bit_systems*cpe:2.3:a:microsoft:windows_10_32-bit_systems:*:*:*:*:*:*:*:*
microsoftwindows_7_x64-based_systems*cpe:2.3:a:microsoft:windows_7_x64-based_systems:*:sp1:*:*:*:*:*:*
Rows per page:
1-10 of 281

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0

Percentile

9.5%