Lucene search

K
nvd[email protected]NVD:CVE-2023-35336
HistoryJul 11, 2023 - 6:15 p.m.

CVE-2023-35336

2023-07-1118:15:18
CWE-20
web.nvd.nist.gov
1
windows
mshtml
platform
security
bypass
vulnerability

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

45.5%

Windows MSHTML Platform Security Feature Bypass Vulnerability

Affected configurations

NVD
Node
microsoftwindows_10_1507Range<10.0.10240.20048
OR
microsoftwindows_10_1607Range<10.0.14393.6085
OR
microsoftwindows_10_1809Range<10.0.17763.4645
OR
microsoftwindows_10_21h2Range<10.0.19041.3208
OR
microsoftwindows_10_22h2Range<10.0.19045.3208
OR
microsoftwindows_11_21h2Range<10.0.22000.2176
OR
microsoftwindows_11_22h2Range<10.0.22621.1992
OR
microsoftwindows_server_2012Matchr2
OR
microsoftwindows_server_2016Match-
OR
microsoftwindows_server_2019Match-
OR
microsoftwindows_server_2022Match-

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

45.5%