Lucene search

K
mscveMicrosoftMS:CVE-2024-43624
HistoryNov 12, 2024 - 8:00 a.m.

Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability

2024-11-1208:00:00
Microsoft
msrc.microsoft.com
12
windows
hyper-v
privilege
vulnerability

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

17.5%

Affected configurations

Vulners
Node
microsoftwindows_server_2025Range<10.0.26100.2314
OR
microsoftwindows_server_2025Range<10.0.26100.2240
OR
microsoftwindows_server_2025Range<10.0.26100.2314
OR
microsoftwindows_server_2025Range<10.0.26100.2240
OR
microsoftwindows_11_24h2Range<10.0.26100.2314
OR
microsoftwindows_11_24h2Range<10.0.26100.2240
OR
microsoftwindows_11_24h2Range<10.0.26100.2314
OR
microsoftwindows_11_24h2Range<10.0.26100.2240
OR
microsoftwindows_server_23h2Range<10.0.25398.1251
OR
microsoftwindows_11_23h2Range<10.0.22631.4460
OR
microsoftwindows_11_23h2Range<10.0.22631.4460
OR
microsoftwindows_10_22h2Range<10.0.19045.5131
OR
microsoftwindows_11_22h2Range<10.0.22621.4460
OR
microsoftwindows_11_22h2Range<10.0.22621.4460
OR
microsoftwindows_10_21h2Range<10.0.19044.5131
OR
microsoftwindows_server_2022Range<10.0.20348.2849
OR
microsoftwindows_server_2022Range<10.0.20348.2819
OR
microsoftwindows_server_2022Range<10.0.20348.2849
OR
microsoftwindows_server_2022Range<10.0.20348.2819
OR
microsoftwindows_server_2019Range<10.0.17763.6532
OR
microsoftwindows_server_2019Range<10.0.17763.6532
OR
microsoftwindows_10_1809Range<10.0.17763.6532
VendorProductVersionCPE
microsoftwindows_server_2025*cpe:2.3:a:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
microsoftwindows_11_24h2*cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*
microsoftwindows_server_23h2*cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*
microsoftwindows_11_23h2*cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*
microsoftwindows_10_22h2*cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
microsoftwindows_11_22h2*cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
microsoftwindows_10_21h2*cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
microsoftwindows_server_2022*cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
microsoftwindows_server_2019*cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
microsoftwindows_10_1809*cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

17.5%