Lucene search
HistoryAug 09, 2022 - 8:15 p.m.
CVE-2022-35767
windows
sstp
remote code execution
vulnerability
cve-2022-35767
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.008
Percentile
81.9%
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Affected configurations
Node
microsoftwindows_10Match-x64
ORmicrosoftwindows_10Match-x86
ORmicrosoftwindows_10Match20h2arm64
ORmicrosoftwindows_10Match20h2x64
ORmicrosoftwindows_10Match20h2x86
ORmicrosoftwindows_10Match21h1arm64
ORmicrosoftwindows_10Match21h1x64
ORmicrosoftwindows_10Match21h1x86
ORmicrosoftwindows_10Match21h2arm64
ORmicrosoftwindows_10Match21h2x64
ORmicrosoftwindows_10Match21h2x86
ORmicrosoftwindows_10Match1607x64
ORmicrosoftwindows_10Match1607x86
ORmicrosoftwindows_10Match1809arm64
ORmicrosoftwindows_10Match1809x64
ORmicrosoftwindows_10Match1809x86
ORmicrosoftwindows_11Match-arm64
ORmicrosoftwindows_11Match-x64
ORmicrosoftwindows_7Match-sp1x64
ORmicrosoftwindows_7Match-sp1x86
ORmicrosoftwindows_8.1Match-x64
ORmicrosoftwindows_8.1Match-x86
ORmicrosoftwindows_rt_8.1Match-
ORmicrosoftwindows_server_2008Match-sp2x64
ORmicrosoftwindows_server_2008Match-sp2x86
ORmicrosoftwindows_server_2008Matchr2sp1x64
ORmicrosoftwindows_server_2012Match-
ORmicrosoftwindows_server_2012Matchr2
ORmicrosoftwindows_server_2016Match-
ORmicrosoftwindows_server_2016Match20h2
ORmicrosoftwindows_server_2019Match-
ORmicrosoftwindows_server_2022Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10 | - | cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:* |
| microsoft | windows_10 | - | cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:* |
| microsoft | windows_10 | 20h2 | cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:* |
| microsoft | windows_10 | 20h2 | cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:* |
| microsoft | windows_10 | 20h2 | cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:* |
| microsoft | windows_10 | 21h1 | cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:* |
| microsoft | windows_10 | 21h1 | cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:* |
| microsoft | windows_10 | 21h1 | cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:* |
| microsoft | windows_10 | 21h2 | cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:* |
| microsoft | windows_10 | 21h2 | cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:* |
Related
prion
prion
Remote code execution
2022-08-09 20:15:00
mscve
mscve
cve
cve
CVE-2022-35767
2022-08-09 20:15:12
cvelist
cvelist
mskb
mskb
August 9, 2022âKB5016686 (Security-only update)
2022-10-11 07:00:00
August 9, 2022âKB5016669 (Monthly Rollup)
2022-10-11 07:00:00
August 9, 2022âKB5016676 (Monthly Rollup)
2022-10-11 07:00:00
nessus
nessus
KB5016686: Windows Server 2008 Security Update (August 2022)
2022-08-09 00:00:00
KB5016684: Windows Server 2012 Security Update (August 2022)
2022-08-09 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5016676)
2022-08-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5016681)
2022-08-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5016639)
2022-08-10 00:00:00
kaspersky
kaspersky
KLA12603 Multiple vulnerabilities in Microsoft Products (ESU)
2022-08-09 00:00:00
KLA12602 Multiple vulnerabilities in Microsoft Windows
2022-08-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - August 2022
2022-08-09 19:34:51
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.008
Percentile
81.9%
Related for NVD:CVE-2022-35767