Lucene search
MicrosoftMS:CVE-2023-38144HistorySep 12, 2023 - 7:00 a.m.
Windows Common Log File System Driver Elevation of Privilege Vulnerability
2023-09-1207:00:00
Microsoft
msrc.microsoft.com
76
microsoft
elevation of privilege
security
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
18.9%
Affected configurations
Node
microsoftwindows_server_2008Range<6.1.7601.26713r2
ORmicrosoftwindows_server_2008Range<6.1.7601.26713r2
ORmicrosoftwindows_server_2012Range<6.3.9600.21563r2
ORmicrosoftwindows_server_2012Range<6.3.9600.21563r2
ORmicrosoftwindows_server_2012Range<6.3.9600.21563r2
ORmicrosoftwindows_server_2012Range<6.3.9600.21563r2
ORmicrosoftwindows_server_2012Range<6.2.9200.24462
ORmicrosoftwindows_server_2012Range<6.2.9200.24462
ORmicrosoftwindows_server_2012Range<6.2.9200.24462
ORmicrosoftwindows_server_2012Range<6.2.9200.24462
ORmicrosoftwindows_server_2008Range<6.1.7601.26713r2
ORmicrosoftwindows_server_2008Range<6.1.7601.26713r2
ORmicrosoftwindows_server_2008Range<6.0.6003.22264sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22262sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22264sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22262sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22264sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22264sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22264sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22264sp2
ORmicrosoftwindows_server_2016Range<10.0.14393.6252
ORmicrosoftwindows_server_2016Range<10.0.14393.6252
ORmicrosoftwindows_10_1607Range<10.0.14393.6252
ORmicrosoftwindows_10_1607Range<10.0.14393.6252
ORmicrosoftwindows_10_1507Range<10.0.10240.20162
ORmicrosoftwindows_10_1507Range<10.0.10240.20162
ORmicrosoftwindows_10_22h2Range<10.0.19045.3448
ORmicrosoftwindows_10_22h2Range<10.0.19045.3448
ORmicrosoftwindows_10_22h2Range<10.0.19045.3448
ORmicrosoftwindows_11_22h2Range<10.0.22621.2283
ORmicrosoftwindows_11_22h2Range<10.0.22621.2283
ORmicrosoftwindows_10_21h2Range<10.0.19044.3448
ORmicrosoftwindows_10_21h2Range<10.0.19044.3448
ORmicrosoftwindows_10_21h2Range<10.0.19044.3448
ORmicrosoftwindows_11_21h2Range<10.0.22000.2416
ORmicrosoftwindows_11_21h2Range<10.0.22000.2416
ORmicrosoftwindows_server_2022Range<10.0.20348.1970
ORmicrosoftwindows_server_2022Range<10.0.20348.1964
ORmicrosoftwindows_server_2022Range<10.0.20348.1970
ORmicrosoftwindows_server_2022Range<10.0.20348.1964
ORmicrosoftwindows_server_2019Range<10.0.17763.4851
ORmicrosoftwindows_server_2019Range<10.0.17763.4851
ORmicrosoftwindows_10_1809Range<10.0.17763.4851
ORmicrosoftwindows_10_1809Range<10.0.17763.4851
ORmicrosoftwindows_10_1809Range<10.0.17763.4851
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:r2:*:*:*:*:*:* |
| microsoft | windows_server_2012 | * | cpe:2.3:o:microsoft:windows_server_2012:*:r2:*:*:*:*:*:* |
| microsoft | windows_server_2012 | * | cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2016 | * | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1607 | * | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1507 | * | cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:* |
| microsoft | windows_10_22h2 | * | cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_22h2 | * | cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* |
| microsoft | windows_10_21h2 | * | cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* |
Related
zdi
zdi
nvd
nvd
CVE-2023-38144
2023-09-12 17:15:17
vulnrichment
vulnrichment
prion
prion
Privilege escalation
2023-09-12 17:15:00
cve
cve
CVE-2023-38144
2023-09-12 17:15:17
cvelist
cvelist
mskb
mskb
September 12, 2023โKB5030271 (Monthly Rollup)
2023-09-12 07:00:00
September 12, 2023โKB5030286 (Security-only update)
2023-09-12 07:00:00
September 12, 2023โKB5030261 (Security-only update)
2023-09-12 07:00:00
nessus
nessus
KB5030286: Windows Server 2008 Security Update (September 2023)
2023-09-12 00:00:00
KB5030220: Windows 10 LTS 1507 Security Update (September 2023)
2023-09-12 00:00:00
KB5030261: Windows Server 2008 R2 Security Update (September 2023)
2023-09-12 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5030220)
2023-09-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5030213)
2023-09-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5030211)
2023-09-13 00:00:00
kaspersky
kaspersky
KLA60563 Multiple vulnerabilities in Microsoft Products (ESU)
2023-09-12 00:00:00
KLA60566 Multiple vulnerabilities in Microsoft Windows
2023-09-12 00:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, September 2023 Security Update Review
2023-09-12 19:20:31
rapid7blog
rapid7blog
Patch Tuesday - September 2023
2023-09-12 22:55:55
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
18.9%
Related for MS:CVE-2023-38144