Lucene search

MicrosoftMS:CVE-2022-26916

HistoryApr 12, 2022 - 8:00 a.m.

Windows Fax Compose Form Remote Code Execution Vulnerability

2022-04-1208:00:00

Microsoft

msrc.microsoft.com

116

windows

fax

compose

form

remote code execution

vulnerability

microsoft

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

0.348

Percentile

97.2%

JSON

Affected configurations

Vulners

Node

microsoftwindows_server_2008Range<6.0.6003.21446sp2

microsoftwindows_rt_8.1Range<6.3.9600.20337

microsoftwindows_10_1507Range<10.0.10240.19265

microsoftwindows_10_21h2Range<10.0.19044.1645

microsoftwindows_10_21h2Range<10.0.19043.1645

microsoftwindows_11_21h2Range<10.0.22000.613

microsoftwindows_server_20h2Range<10.0.19042.1645

microsoftwindows_10_20h2Range<10.0.19042.1645

microsoftwindows_server_2022Range<10.0.20348.643

microsoftwindows_10_21h1Range<10.0.19043.1645

microsoftwindows_10_1809Range<10.0.18363.2212

microsoftwindows_10_1909Range<10.0.18363.2212

microsoftwindows_server_2019Range<10.0.17763.2803

microsoftwindows_10_1809Range<10.0.17763.2803

microsoftwindows_8.1Range<6.3.9600.20337

microsoftwindows_7Range<6.1.7601.25924

microsoftwindows_server_2016Range<10.0.14393.5066

microsoftwindows_10_1607Range<10.0.14393.5066

microsoftwindows_server_2012Range<6.3.9600.20337r2

microsoftwindows_server_2012Range<6.2.9200.23679

microsoftwindows_server_2008Range<6.1.7601.25924r2

microsoftwindows_server_2008Range<6.0.6003.21446sp2

VendorProductVersionCPE
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
microsoftwindows_rt_8.1*cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
microsoftwindows_10_1507*cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*
microsoftwindows_10_21h2*cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
microsoftwindows_11_21h2*cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
microsoftwindows_server_20h2*cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:*
microsoftwindows_10_20h2*cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*
microsoftwindows_server_2022*cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
microsoftwindows_10_21h1*cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*
microsoftwindows_10_1809*cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_server_2008	*	cpe:2.3:o:microsoft:windows_server_2008::sp2::::::*
microsoft	windows_rt_8.1	*	cpe:2.3:o:microsoft:windows_rt_8.1::::::::
microsoft	windows_10_1507	*	cpe:2.3:o:microsoft:windows_10_1507::::::::
microsoft	windows_10_21h2	*	cpe:2.3:o:microsoft:windows_10_21h2::::::::
microsoft	windows_11_21h2	*	cpe:2.3:o:microsoft:windows_11_21h2::::::::
microsoft	windows_server_20h2	*	cpe:2.3:o:microsoft:windows_server_20h2::::::::
microsoft	windows_10_20h2	*	cpe:2.3:o:microsoft:windows_10_20h2::::::::
microsoft	windows_server_2022	*	cpe:2.3:o:microsoft:windows_server_2022::::::::
microsoft	windows_10_21h1	*	cpe:2.3:o:microsoft:windows_10_21h1::::::::
microsoft	windows_10_1809	*	cpe:2.3:o:microsoft:windows_10_1809::::::::