Lucene search
MicrosoftMS:CVE-2024-38217HistorySep 10, 2024 - 7:00 a.m.
Windows Mark of the Web Security Feature Bypass Vulnerability
2024-09-1007:00:00
Microsoft
msrc.microsoft.com
1
windows
mark of the web
security
bypass
vulnerability
microsoft
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
5.6
Confidence
High
EPSS
0.003
Percentile
68.3%
Affected configurations
Node
microsoftwindows_server_2012Range<6.3.9600.22175r2
ORmicrosoftwindows_server_2012Range<6.2.9200.25073
ORmicrosoftwindows_server_2012Range<6.2.9200.25073
ORmicrosoftwindows_server_2008Range<6.1.7601.27320r2
ORmicrosoftwindows_server_2008Range<6.1.7601.27320r2
ORmicrosoftwindows_server_2008Range<6.1.7601.27320r2
ORmicrosoftwindows_server_2008Range<6.1.7601.27320r2
ORmicrosoftwindows_server_2008Range<6.0.6003.22870sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22870sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22870sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22870sp2
ORmicrosoftwindows_server_2012Range<6.3.9600.22175r2
ORmicrosoftwindows_server_2008Range<6.0.6003.22870sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22870sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22870sp2
ORmicrosoftwindows_server_2008Range<6.0.6003.22870sp2
ORmicrosoftwindows_server_2016Range<10.0.14393.7336
ORmicrosoftwindows_server_2016Range<10.0.14393.7336
ORmicrosoftwindows_10_1607Range<10.0.14393.7336
ORmicrosoftwindows_10_1607Range<10.0.14393.7336
ORmicrosoftwindows_10_1507Range<10.0.10240.20766
ORmicrosoftwindows_10_1507Range<10.0.10240.20766
ORmicrosoftwindows_11_24h2Range<10.0.26100.1742
ORmicrosoftwindows_11_24h2Range<10.0.26100.1742
ORmicrosoftwindows_server_23h2Range<10.0.25398.1128
ORmicrosoftwindows_11_23h2Range<10.0.22631.4169
ORmicrosoftwindows_11_23h2Range<10.0.22631.4169
ORmicrosoftwindows_10_22h2Range<10.0.19045.4894
ORmicrosoftwindows_10_22h2Range<10.0.19045.4894
ORmicrosoftwindows_10_22h2Range<10.0.19045.4894
ORmicrosoftwindows_11_22h2Range<10.0.22621.4169
ORmicrosoftwindows_11_22h2Range<10.0.22621.4169
ORmicrosoftwindows_10_21h2Range<10.0.19044.4894
ORmicrosoftwindows_10_21h2Range<10.0.19044.4894
ORmicrosoftwindows_10_21h2Range<10.0.19044.4894
ORmicrosoftwindows_11_21h2Range<10.0.22000.3197
ORmicrosoftwindows_11_21h2Range<10.0.22000.3197
ORmicrosoftwindows_server_2022Range<10.0.20348.2700
ORmicrosoftwindows_server_2022Range<10.0.20348.2695
ORmicrosoftwindows_server_2022Range<10.0.20348.2700
ORmicrosoftwindows_server_2022Range<10.0.20348.2695
ORmicrosoftwindows_server_2019Range<10.0.17763.6293
ORmicrosoftwindows_server_2019Range<10.0.17763.6293
ORmicrosoftwindows_10_1809Range<10.0.17763.6293
ORmicrosoftwindows_10_1809Range<10.0.17763.6293
ORmicrosoftwindows_10_1809Range<10.0.17763.6293
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_server_2012 | * | cpe:2.3:o:microsoft:windows_server_2012:*:r2:*:*:*:*:*:* |
| microsoft | windows_server_2012 | * | cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:r2:*:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2016 | * | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1607 | * | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1507 | * | cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:* |
| microsoft | windows_11_24h2 | * | cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:* |
| microsoft | windows_server_23h2 | * | cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_23h2 | * | cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2024-38217
2024-09-10 17:15:24
vulnrichment
vulnrichment
CVE-2024-38217 Windows Mark of the Web Security Feature Bypass Vulnerability
2024-09-10 16:53:55
attackerkb
attackerkb
CVE-2024-38217
2024-09-10 00:00:00
cvelist
cvelist
CVE-2024-38217 Windows Mark of the Web Security Feature Bypass Vulnerability
2024-09-10 16:53:55
cisa_kev
cisa_kev
cve
cve
CVE-2024-38217
2024-09-10 17:15:24
krebs
krebs
Bug Left Some Windows PCs Dangerously Unpatched
2024-09-10 21:46:21
thn
thn
talosblog
talosblog
nessus
nessus
KB5043087: Windows Server 2008 Security Update (September 2024)
2024-09-10 00:00:00
KB5043092: Windows Server 2008 R2 Security Update (September 2024)
2024-09-10 00:00:00
KB5043125: Windows Server 2012 Security Update (September 2024)
2024-09-10 00:00:00
mskb
mskb
September 10, 2024โKB5043129 (Monthly Rollup)
2024-09-10 07:00:00
September 10, 2024โKB5043087 (Security-only update)
2024-09-10 07:00:00
September 10, 2024โKB5043135 (Monthly Rollup)
2024-09-10 07:00:00
kaspersky
kaspersky
KLA73222 Multiple vulnerabilities in Microsoft Products (ESU)
2024-09-10 00:00:00
KLA73227 Multiple vulnerabilities in Microsoft Windows
2024-09-10 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5043083)
2024-09-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5043067)
2024-09-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5043064)
2024-09-11 00:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, September 2024 Security Update Review
2024-09-10 19:31:38
rapid7blog
rapid7blog
Patch Tuesday - September 2024
2024-09-10 20:49:21
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
5.6
Confidence
High
EPSS
0.003
Percentile
68.3%
Related for MS:CVE-2024-38217