Lucene search

[email protected]NVD:CVE-2023-28225

HistoryApr 11, 2023 - 9:15 p.m.

CVE-2023-28225

2023-04-1121:15:23

CWE-122

[email protected]

web.nvd.nist.gov

windows

ntlm

elevation

privilege

vulnerability

cve-2023-28225

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

JSON

Windows NTLM Elevation of Privilege Vulnerability

Affected configurations

NVD

Node

microsoftwindows_10_1507Range<10.0.10240.19869

microsoftwindows_10_1607Range<10.0.14393.5850

microsoftwindows_10_1809Range<10.0.17763.4252

microsoftwindows_10_20h2Range<10.0.19042.2846

microsoftwindows_10_21h2Range<10.0.19044.2846

microsoftwindows_10_22h2Range<10.0.19045.2846

microsoftwindows_11_21h2Range<10.0.22000.1817

microsoftwindows_11_22h2Range<10.0.22621.1555

microsoftwindows_server_2016Match-

microsoftwindows_server_2019Match-

microsoftwindows_server_2022Match-

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28225

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

JSON

Related for NVD:CVE-2023-28225

mscve1 cve1 prion1 cvelist1 mskb7 nessus7 openvas5 kaspersky1 rapid7blog1